Windows Support Forum

Cannot get rid of one Trojan virus no matter what

Q: Cannot get rid of one Trojan virus no matter what

I use malwarebytes antimalware to clean my computer every so often. My facebook started trippin out yesterday and come to find out someone sent me a link that i clicked on and it sent me 52 viruses. It contained Trojan viruses and I seen one that said Hijacking so I figure I run the mb scan. I cleaned them all up except one specific one that WONT go away. It is the same Trojan and just cant get rid of it and i have run it 6 times already. I also ran a scan if a discussion i read here somewhere where i pushed control and clicked a link and it did an internet scan and found 6 more viruses. I still am left with this one trojan

Relevancy 100%
Preferred Solution: Cannot get rid of one Trojan virus no matter what

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/directdownload.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: Cannot get rid of one Trojan virus no matter what

Hi nicolefarris4, I know it looks like a lot, but it's really just a lot of text asking for only 4 scans. Once you've done these and posted the results in your next post, let me know how the computer is running.Note: You may have to perform some or all of the following in Safe Mode With Networking, depending on if you have internet access while in the normal Windows environment.========================================================================================================================================================Download Security Check by screen317 from here or here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.A Notepad document should open automatically called checkup.txt; please post the contents of that document.========================================================================================================================================================Please download and scan with SUPERAntiSpyware FreeDouble-click SUPERAntiSypware.exe and use the default settings for installation.An icon will be created on your desktop. Double-click that icon to launch the program.If it will not start, go to Start > All Prgrams > SUPERAntiSpyware and click on Alternate Start.If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)In the Main Menu, click the Preferences... button.Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all others unchecked):Close browsers before scanning.Scan for tracking cookies.Terminate memory threats before quarantining.Click the "Close" button to leave the control center screen and exit the program.Do not run a scan just yet.Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".Scan with SUPERAntiSpyware as follows:Launch the program and back on the main screen, under "Scan for Harmful Software" click Scan your computer.On the left, make sure you check C:\Fixed Drive.On the right, under "Complete Scan", choose Perform Complete Scan and click "Next".After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".Make sure everything has a checkmark next to it and click "Next".A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.If asked if you want to reboot, click "Yes" and reboot normally.To retrieve the removal information after reboot, launch SUPERAntispyware again.Click Preferences, then click the Statistics/Logs tab.Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.Please copy and paste the Scan Log results in your next reply.Click Close to exit the program.If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.========================================================================================================================================================Please download Malwarebytes Anti-Malware and save it to your desktop.Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet and double-click on the renamed file to install the application.
For instructions with screenshots, please refer to this Guide.When the installation begins, follow the prompts and do not make any changes to default settings.Malwarebytes will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself. Press the OK button and continue.If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.Click on the Scan button.When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.Make sure that everything is checked and then click Remove Selected.When removal is completed, a log report will open in Notepad.The log is automatically saved and can be viewed by clicking the Logs tab.Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.Exit Malwarebytes when done.Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.========================================================================================================================================================Please download GMER from one of the following locations and save it to your desktop:Main Mirror
This version will download a randomly named file (Recommended)Zipped Mirror
This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.Disconnect from the Internet and close all running programs.Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.
GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.Now click the Scan button. If you see a rootkit warning window, click OK.When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.Click the Copy button and paste the results into your next reply.Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.-- If you encounter any problems, try running GMER in safe mode.-- If GMER crashes or keeps resulting in a BSODs, uncheck Devices on the right side before scanning.========================================================================================================================================================Remember, after posting the results of these scans, let me know how the computer is running.

http://www.bleepingcomputer.com/forums/t/425868/cannot-get-rid-of-one-trojan-virus-no-matter-what/
Relevancy 68.8%

My computer was full of viruses. I've been able to rid it of all but 2. These 2 are keeping me from repairing, uninstalling, or reinstalling my symantec antivirus. The only virus scan that I've found that can even detect them is safety.live.com, housecall, malwarebytes, and the trojan scan don't even detect it. Safety.live.com finds it but cannot repair it.

Any suggestions would be GREATLY appreciated!

A:can't get rid of virus no matter what i try....trojan:win32/Sudiet B and trojan: Win NT/tib.gen!

Hello ,I have been unable to get back to you but anyway please run these now.Please download ATF Cleaner by Atribune & save it to your desktop.Double-click ATF-Cleaner.exe to run the program.Under Main "Select Files to Delete" choose: Select All.Click the Empty Selected button.If you use Firefox browser click Firefox at the top and choose: Select AllClick the Empty Selected button.
If you would like to keep your saved passwords, please click No at the prompt.If you use Opera browser click Opera at the top and choose: Select AllClick the Empty Selected button.
If you would like to keep your saved passwords, please click No at the prompt.Click Exit on the Main menu to close the program.Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".Now SAS:Please download and scan with SUPERAntiSpyware FreeDouble-click SUPERAntiSypware.exe and use the default settings for installation.An icon will be created on your desktop. Double-click that icon to launch the program.If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here and unzip into the program's folder.)In the Main Menu, click the Preferences... button.Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all others unchecked):Close browsers before scanning.Scan for tracking cookies.Terminate memory threats before quarantining.Click the "Close" button to leave the control center screen and exit the program.Do not run a scan just yet.Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".Scan with SUPERAntiSpyware as follows:Launch the program and back on the main screen, under "Scan for Harmful Software" click Scan your computer.On the left, make sure you check C:\Fixed Drive.On the right, under "Complete Scan", choose Perform Complete Scan and click "Next".After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".Make sure everything has a checkmark next to it and click "Next".A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.If asked if you want to reboot, click "Yes" and reboot normally.To retrieve the removal information after reboot, launch SUPERAntispyware again.Click Preferences, then click the Statistics/Logs tab.Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.Please copy and paste the Scan Log results in your next reply.Click Close to exit the program.

http://www.bleepingcomputer.com/forums/t/179789/cant-get-rid-of-virus-no-matter-what-i-trytrojanwin32sudiet-b-and-trojan-win-nttibgen/
Relevancy 53.32%

I'm trying to track down why AVG is using all my CPU cycles (read a thread about it here) and I've got it doing a complete scan.

It finds a Trojan "VB.IDT"

Sounds good? Sounds promising? That's what I thought at first.

But the files it finds the Trojan in are TMPEncExpress.zip and TMPEncExpress\Setup.exe

The point is: I use neither. They never get run.

Question: What's the importance of Trojans or Virus's or Adware, Malware, found in files that never get run? Nothing, surely?

p.s.

Unless it DOES get run somehow, by something I don't know about. How can I log every .exe that gets run by my machine?
 

A:Trojan Found - But What's It Matter?

Personaly, I wouldn't want them on my computer, either open or not.

Why don't you delete those files and be done with them?
 

https://forums.techguy.org/threads/trojan-found-but-whats-it-matter.879078/
Relevancy 52.03%

pretty much the thread's title. every file I download even simple stuff like FLASH from adobe's site or anything basic like drivers from Nvidia to anything complicated like Aion or WoW it says all the files are corrupt. Possible virus.

Also, I cannt download a malware scanning software because it will just say file is corrupt when i extract it.

Lastly, youtube videos are stopping randomly and any other flash product video type thing is stopping randomly halfway through the video.

Any suggestions on to why this is? I ran a full system scan on norton and nothing was picked up.

lastly, sound wont work on any browsers too. Like sound wont come up on youtube videos either. it will work at first, than stop the sound.

A:Every file I download is corrupt no matter ZIP or RaR. Possible trojan!

Welcome to TSF :)

Download GMER Antirootkit Here, click on Download EXE and save to your Desktop
Disconnect from the internet and disable all active protection so your security program drivers will not conflict with gmer's driver
Double-click Gmer.exe to run the program.
When the program opens, click the "Rootkit" Tab
On the right-side, check all the items to be scanned, but leave "Show All" unchecked
Select all drives that are connected to your system to be scanned
Click the Scan button
When the scan is finished, click Copy to save the scan log to the Windows clipboard
Open Notepad or a similar text editor
Paste the clipboard contents into a text file by clicking Edit | Paste or Ctl V
Save the gmer scan log and post it in your next reply.
Close Gmer
Open a command prompt (Start | run |type cmd and hit Enter)Type or paste the following to unload the gmer driver:
net stop gmer
Hit Enter
Exit the command prompt.

Re-enable all active protection.

http://www.techsupportforum.com/forums/f50/every-file-i-download-is-corrupt-no-matter-zip-or-rar-possible-trojan-495093.html
Relevancy 50.31%

So I have the TDDS redirect virus on my Windows 7 64-bit laptop. I have ran an extensive cocktail of antivirus tools such as combofix, malwarebytes, superantispyware TDSSKiller, GMer and Antivir. In fact, every time I restart the computer Avira says it found the TDDS.s virus but it never really removes it.

I started deleting folders and registry keys that had names of virus makers (probably shouldn't have done that) and even reinstalled FireFox. I checked my hosts file (which is ok) and it still redirects- only now it doesn't land on some spam page, i redirects 2 or 3 times and takes me back to the search results. This is consistent in Explorer as well.

I have been working on this since last night and have exhausted my resources. I simply do not know what to do.

A:Cannot stop TDDS virus no matter what I try

Hello,Please follow the instructions in ==>This Guide<== starting at step 6.Once the proper logs are created, then post them in a reply to this topic by using the Add Reply button. Since you have run ComboFix, please include the ComboFix log in the new topic.If you can produce at least some of the logs, then please create the post and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the reply and explain that you followed the Prep. Guide, include the information that you were unable to produce the other logs, include the ComboFix log, and describe what happens when you try to create the other logs.Please note that I am not a member of the Malware Removal Team and will not be assisting you in removing the infection. I'm simply helping you to post the information they need in order to assist you.If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.Orange Blossom

http://www.bleepingcomputer.com/forums/t/414987/cannot-stop-tdds-virus-no-matter-what-i-try/
Relevancy 49.88%

I ve been working on getting a very nasty virus off my WinXP Home Edition PC I initially could not get anything to run What virus Matter No back - coming Very nasty keeps The virus had done the following Disabled all antivirus software I could run including Spybot Search amp Destroy MBAM SuperAntiSpyware Combofix Avast to name a few Windows Update would not run - error message that it could not run in Safe Mode I was logged in as Administrator in normal boot up Permissions Very nasty virus keeps coming back - No Matter What were changed on many of my files by adding a new group and changing the normal administrator privileges Changed registry keys to always get safe mode enabled while logged in as Administrator thus not allowing many critical programs to run In any case - I was able to get the computer back to running but I still cannot find the virus because it is still lurking and reloads randomly or seemingly randomly I ve run out of options so I m posting here to get some help finding where this thing is actually hidden Last MBAM log before everything was back to normal at least for a couple days Malwarebytes Anti-Malware Database version Windows Service Pack PM mbam-log- - - - - txt Scan type Quick Scan Objects scanned Time elapsed minute s second s Memory Processes Infected Memory Modules Infected Registry Keys Infected Registry Values Infected Registry Data Items Infected Folders Infected Files Infected Memory Processes Infected No malicious items detected Memory Modules Infected No malicious items detected Registry Keys Infected HKEY CLASSES ROOT dpcupdater dpcupdater Trojan Vundo - gt Quarantined and deleted successfully HKEY CLASSES ROOT dpcupdater dpcupdater Trojan Vundo - gt Quarantined and deleted successfully HKEY CLASSES ROOT wtlhelper wtlhelper Trojan Vundo - gt Quarantined and deleted successfully HKEY CLASSES ROOT wtlhelper wtlhelper Trojan Vundo - gt Quarantined and deleted successfully HKEY CURRENT USER SOFTWARE Microsoft Windows CurrentVersion Ext Stats a faf - e- cf- - f a d Adware MyWebSearch - gt Quarantined and deleted successfully HKEY CURRENT USER SOFTWARE Windows AntiVirus Pro Rogue WindowsAntiVirusPro - gt Quarantined and deleted successfully Registry Values Infected HKEY CURRENT USER SOFTWARE Microsoft Windows CurrentVersion Explorer idstrf Malware Trace - gt Quarantined and deleted successfully HKEY CURRENT USER SOFTWARE Microsoft Windows CurrentVersion Explorer WINID Malware Trace - gt Quarantined and deleted successfully Registry Data Items Infected No malicious items detected Folders Infected No malicious items detected Files Infected c WINDOWS SYSTEM D tmp Trojan Agent - gt Quarantined and deleted successfully c WINDOWS SYSTEM E tmp Trojan Agent - gt Quarantined and deleted successfully c WINDOWS SYSTEM F tmp Trojan Agent - gt Quarantined and deleted successfully Can someone help me find this one once and for all Thanks in advance

A:Very nasty virus keeps coming back - No Matter What

Please uninstall Mbam and download the newer version 1.40Update it and run a full scan------------------------------Then run ATF and SASATFPlease download ATF Cleaner by Atribune & save it to your desktop.Double-click ATF-Cleaner.exe to run the program.Under Main "Select Files to Delete" choose: Select All.Click the Empty Selected button.If you use Firefox browser click Firefox at the top and choose: Select AllClick the Empty Selected button.
If you would like to keep your saved passwords, please click No at the prompt.If you use Opera browser click Opera at the top and choose: Select AllClick the Empty Selected button.
If you would like to keep your saved passwords, please click No at the prompt.Click Exit on the Main menu to close the program.Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".------------------------------------SAS,may take a long time to scanPlease download and scan with SUPERAntiSpyware FreeDouble-click SUPERAntiSypware.exe and use the default settings for installation.An icon will be created on your desktop. Double-click that icon to launch the program.If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)In the Main Menu, click the Preferences... button.Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all others unchecked):Close browsers before scanning.Scan for tracking cookies.Terminate memory threats before quarantining.Click the "Close" button to leave the control center screen and exit the program.Do not run a scan just yet.Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".Scan with SUPERAntiSpyware as follows:Launch the program and back on the main screen, under "Scan for Harmful Software" click Scan your computer.On the left, make sure you check C:\Fixed Drive.On the right, under "Complete Scan", choose Perform Complete Scan and click "Next".After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".Make sure everything has a checkmark next to it and click "Next".A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.If asked if you want to reboot, click "Yes" and reboot normally.To retrieve the removal information after reboot, launch SUPERAntispyware again.Click Preferences, then click the Statistics/Logs tab.Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.Please copy and paste the Scan Log results in your next reply.Click Close to exit the program.------------------------------Follow it up with a DR Web scanPlease download Dr.Web CureIt, the free version & save it to your desktop. DO NOT perform a scan yet.Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and a... Read more

http://www.bleepingcomputer.com/forums/t/249425/very-nasty-virus-keeps-coming-back-no-matter-what/
Relevancy 49.88%

Referred Here From http www bleepingcomputer com forums t very-nasty-virus-keeps-coming-back-no-matter-what I've been directed to this board from Am I Infected after working with Garmanma I'm being repeatedly infected with a virus that loads various fake antivirus malware I initial had no control over the PC due to changes to file permissions registry changes and security group settings This infection included Vundo and Antivirus Pro After removing all these problems I was able to get clean runs of the following MBAM Complete Full Scan SAS ATF TempCleaner Dr WebCureIt - Complete Full ScanToday - the virus reloaded a new fake anitvirus program Personalize Antivirus Various popups - Critical Alert Virus detected IE windows with fake virus detections etc I believe there is a Rootkit somewhere hidden that is reloading these viruses Please Help - Thanks in advance for the assistance Here's the Logs DDS txt Log DDS Ver - - - NTFSx Run by hmorgan at on Wed Internet Explorer BrowserJavaVersion Microsoft Windows XP Home Edition GMT - AV ThreatFire On-access scanning enabled Updated B B A - C - - D- FFC E Running Processes C WINDOWS system svchost -k DcomLaunchSVCHOST EXEC WINDOWS System svchost exe -k netsvcsC WINDOWS system svchost exe -k WudfServiceGroupSVCHOST EXESVCHOST EXEC WINDOWS system spoolsv Load Repeated Virus Many Scans No Matter How exeSVCHOST EXEC Program Files Adobe Photoshop Elements PhotoshopElementsFileAgent exeC Program Files Belkin Bluetooth Software bin btwdins exeC WINDOWS System svchost exe -k HTTPFilterC WINDOWS system libusbd-nt exeC Program Files LogMeIn x RaMaint exeC Program Files LogMeIn x LogMeIn exeC Program Files LogMeIn Repeated Virus Load No Matter How Many Scans x LMIGuardian exeC Program Files MozyHome mozybackup exeC Program Files Norton Utilities NPROTECT EXEC WINDOWS System snmp exeC Program Files Speed Disk nopdb exeC Program Files RealVNC VNC WinVNC exeC WINDOWS System dllhost exeC WINDOWS Explorer EXEC WINDOWS system wscntfy exeC WINDOWS system wuauclt exeC Program Files PopUp Killer PopUpKiller EXEC WINDOWS Mixer exeC Program Files LogMeIn x LogMeInSystray exeC Program Files Adobe Photoshop Elements apdproxy exeC WINDOWS system ctfmon exeC Program Files Plaxo PlaxoHelper en exeC Program Files Belkin Bluetooth Software BTTray exeC Program Files Logitech SetPoint SetPoint exeC Program Files Mightyfax MFNTCTL EXEC Program Files MozyHome mozystat exeC Program Files LogMeIn x LMIGuardian exeC Program Files WinZip WZQKPICK EXEC WINDOWS System svchost exe -k imgsvcC Program Files Common Files Logitech KhalShared KHALMNPR EXEC WINDOWS Explorer EXEC Program Files Common Files Real Update OB realsched exeC Program Files AIM aim exeC Program Files PersonalAV pav exeC Program Files Malwarebytes' Anti-Malware mbam exeC Documents and Settings hmorgan Desktop dds scr Pseudo HJT Report uSearch Page hxxp www google comuSearch Bar hxxp www comcast net toolbar search uSearchMigratedDefaultURL hxxp www google com search q searchTerms amp rls com microsoft language referrer source amp ie inputEncoding amp oe outputEncoding amp sourceid ie uInternet Settings ProxyOverride localmSearchAssistant hxxp www comcast net toolbar search BHO HelperObject Class c d-c - c - -fce ad c - c program files techsmith snagit SnagItBHO dllBHO Adobe PDF Reader Link Helper e f-c d - d -b d- b d be b - c program files common files adobe acrobat activex AcroIEHelper dllBHO Comcast Toolbar e bd f- b d- e- be-be df d ae - c progra comcas COMCAS DLLBHO SSVHelper Class bb-d f - c-b eb-d daf d d - c program files java jre bin ssv dllBHO del icio us Toolbar Helper aa ae - ef- ec- ca- d cd ccdb - c program files del icio us internet explorer buttons dlcsIE dllBHO amp Helper a d - d- c- e -a c a - c windows system msxmlm dllBHO Google Toolbar Helper aa ed - dd- d - -cf f - c program files google google toolbar GoogleToolbar dllBHO Google Dictionary Compression sdch c d fe-e d- -bb - c e e c e - c program files google google toolbar component fas... Read more

A:Repeated Virus Load No Matter How Many Scans

Hello! My name is Sam and I will be helping you. In order to see what's going on with your computer I'll ask for you to post various logs from the tools that we will use to resolve your issue. Please also share with me any information about how your computer is reacting and behaving each step of the way as we work through this process.We need to create an OTL ReportPlease download OTL from hereSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Push the "Run Scan" button.The scan should take just a few minutes.Copy the log that opens up and paste it back here in your next reply.

http://www.bleepingcomputer.com/forums/t/250897/repeated-virus-load-no-matter-how-many-scans/
Relevancy 49.88%

My C disk is constantly running out of space I ve gotten form GB to MB and even what I on disk is shrinking, D Space or? do, matter no virus if I delete files I get some extra space for a short time then it keeps shrinking again Space on D disk is shrinking, no matter what I do, virus or? When I run TreeSize it shows that of windows is taken up by installer files I ran Avast and Spybot but they don t show any sign of virus or malware I tried Combo fix here is the log if that helps ComboFix - - - User - x Microsoft Windows XP Professional GMT Running from c desktop ComboFix exeAV avast Antivirus Disabled Updated DB - F - A -B - A FD D ADS - WINDOWS deleted bytes in streams Other Space on D disk is shrinking, no matter what I do, virus or? Deletions c documents and settings All Users Application Data TEMPc documents and settings User WINDOWSc program files SecureW c program files SecureW SecureW TTLS Client Uninstall exec windows system CddbCdda dllc windows system dllcache dlimport exec windows system SET D tmpc windows system SET D tmpc windows system SET E tmpc windows system Thumbs dbc windows system wpcap dllD Space on D disk is shrinking, no matter what I do, virus or? WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmpD WRL tmp Files Created from - - to - - - - - - -------- d-----w- c documents and settings User Local Settings Application Data VS Revo Group - - - - ----a-w- c windows system drivers revoflt sys - - - - -------- d-sh--w- c documents and settings NetworkService PrivacIE - - - - ----a-w- c program files Mozilla Firefox breakpadinjector dll - -... Read more

A:Space on D disk is shrinking, no matter what I do, virus or?

Hello yellow submarine, and welcome to BC!! My name is bloopie and I'll be helping you with your problems as best I can! A few things to keep in mind while we are working together:If you have since resolved the original problem you were having, I would appreciate it if you let me know.If you are unsure about any of the steps just post what you can and I will guide you!Please tell me if you have your original Windows CD/DVD available.If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below I will review your topic an do my best to resolve your issues.==========Step Going over your logs I noticed that you have u Torrent installed. Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs. They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.It is pretty much certain that if you continue to use P2P programs, you will get infected again.I would recommend that you uninstall u Torrent, however that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.If you wish to keep it, please do not use it until your computer is cleaned.==========Step Run a Combofix Script1. Close any open browsers.2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix. 3. Open notepad and copy the text in the codebox below, then paste it into the empty notepad:Firefox::
FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\al8wd1vk.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q={searchTerms}
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B9c2b38f0-db19-400b-b576-ed280805874a%7D&mid=111b569532aa4d478e320801b1bc0923-626ebfc1b7cde23ec9f28a17d786794ccb0c3f8f&ds=hk011&v=11.1.0.7&lang=en&pr=sa&d=2012-06-24%2020%3A59%3A11&sap=ku&q=
FF - prefs.js: network.proxy.type - 4

ClearJavaCache::
Save this as CFScript.txt, in the same location as ComboFix.exe Refering to the picture above, drag CFScript into ComboFix.exeWhen finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.==========Step Now I'll need the attach.txt from a DDS scan (it will be minimized after the scan runs):Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the DDS results, and the attach.txt will be minimized. Please copy and paste the attach.txt in your next reply!Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERE==========Step aswMBR scanPlease download aswMBR ( 4.5MB ) ... Read more

http://www.bleepingcomputer.com/forums/t/470183/space-on-d-disk-is-shrinking-no-matter-what-i-do-virus-or/
Relevancy 49.88%

After I upgraded my main computer to windows and finding that I had a conflict with Kaspersky won't what Defender virus? try--a no matter Windows start I and a few things I needed I decided to use Windows Defender on all my Win computers as the subscriptions came up So now I was Windows Defender won't start no matter what I try--a virus? uninstalling Kaspersky and every other anti-virus I could find on a laptop so I could turn on Windows Defender But every time I tried to turn it on in the control panel it would just take me to a windows explorer window If I try other methods to activate it I'm taken to a screen that gives this message This app has been turned off and isn't monitoring your computer If you're using another app to check for malicious or unwanted software use Action Center to check that app's status I found an instruction on a windows forum to turn it on from the command prompt using this command sc start WinDefend Enable The result was this message Windows cannot verify the digital signature for this file A recent hardware or software change might have installed a file that is signed incorrectly or damaged or that might be malicious software from an unknown source Ultimately I was going to come here anyway after I finished this task because this computer has been running terribly slow and I already suspected infections that weren't detected by running just the standard Kaspersky and Malwarebytes Any help is greatly appreciated

A:Windows Defender won't start no matter what I try--a virus?

Same computer?
http://www.bleepingcomputer.com/forums/t/515712/google-browser-not-working-even-after-re-install-virus/

http://www.bleepingcomputer.com/forums/t/518695/windows-defender-wont-start-no-matter-what-i-try-a-virus/
Relevancy 49.45%

Hello all My laptop was hit with a multiple virus infection while using Firefox Symantec seemed to have taken care of things at the time but I was still having some problems and it didn't seem to be able to get rid of TDSS I disabled system restore and tried to clean the registry manually but wasn't able to find all the entries listed on the Symantec site I disabled the TDSS driver via the control panel MBAM wouldn't install so I tried Spybot which found a few other issues Finally I was able to install MBAM and HJT from a disc and connected back to the internet again briefly to update both I ran CCCleaner then MBAM in safe mode and MBAM seems to have cleaned everything both MBAM and HJT scans looked ok afterwards though there Trojan.Agent, Trojan.Vundo, Malware.Trace... Virus Trojan.BHO, Multiple Trojan.VundoH, Trojan.Downloader, Trojan.TDSS, Infection: are still a few entries in the HJT log that look suspicious to me Everything seems to be Multiple Virus Infection: Trojan.Vundo, Trojan.VundoH, Trojan.BHO, Trojan.TDSS, Trojan.Agent, Trojan.Downloader, Malware.Trace... fine now and I proceeded to uninstall the old Java updates got all the latest Windows updates and then turned system restore on again I'm basically looking for some advice on what to do to make sure everything is in fact gone as there are those few HJT entries that look suspicious to me Thanks in advance DDS Version - NTFSx Run by mo at on Tue Internet Explorer BrowserJavaVersion Microsoft Windows XP Professional GMT - AV Symantec AntiVirus Corporate Edition On-access scanning enabled Updated Running Processes C WINDOWS system svchost -k DcomLaunch svchost exe C WINDOWS System svchost exe -k netsvcs C Program Files TGTSoft StyleXP StyleXPService exe C Program Files Intel Wireless Bin S EvMon exe svchost exe svchost exe C WINDOWS Explorer EXE C Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Common Files Symantec Shared ccEvtMgr exe C WINDOWS system spoolsv exe C WINDOWS ATKKBService exe C Program Files Symantec AntiVirus DefWatch exe C Program Files Intel Wireless Bin EvtEng exe C Program Files Intel Intel Matrix Storage Manager Iaantmon exe C Program Files Java jre bin jqs exe C WINDOWS system nvsvc exe C Program Files Intel Wireless Bin RegSrvc exe C Program Files ASUS NB Probe SPM spmgr exe C WINDOWS system svchost exe -k imgsvc C Program Files Symantec AntiVirus Rtvscan exe C WINDOWS RTHDCPL EXE C Program Files Intel Intel Matrix Storage Manager Iaanotif exe C Program Files Motorola SMSERIAL sm hlpr exe C Program Files Synaptics SynTP SynTPEnh exe C WINDOWS ATK HControl exe C Program Files Intel Wireless bin ZCfgSvc exe C Program Files Intel Wireless Bin ifrmewrk exe C Program Files Common Files Symantec Shared ccApp exe C PROGRA SYMANT VPTray exe C Program Files ASUS ASUS Direct Console LCMP EXE C Program Files ASUS ASUS Direct Console D DCheck exe C WINDOWS system RUNDLL EXE C Program Files Java jre bin jusched exe C WINDOWS system ctfmon exe C Program Files Intel Wireless Bin Dot XCfg exe C WINDOWS ATK ATKOSD exe C Documents and Settings Owner Desktop dds scr Pseudo HJT Report uStart Page hxxp www google com mWinlogon UIHost c windows system logonui exe BHO F F - BE - BF - CCD-F A FCC A B - No File BHO Java Plug-In SSV Helper bb-d f - c-b eb-d daf d d - c program files java jre bin ssv dll BHO Java Plug-In SSV Helper dbc -a - b-bc - c c c a - c program files java jre bin jp ssv dll BHO JQSIEStartDetectorImpl Class e e f - ce- c -bc -eabfe f c - c program files java jre lib deploy jqs ie jqs plugin dll uRun ctfmon exe c windows system ctfmon exe mRun RTHDCPL RTHDCPL EXE mRun Alcmtr ALCMTR EXE mRun IAAnotif quot c program files intel intel matrix storage manager Iaanotif exe quot mRun SMSERIAL c program files motorola smserial sm hlpr exe mRun SynTPEnh c program files synaptics syntp SynTPEnh exe mRun HControl c windows atk HControl exe mRun IntelZeroConfig quot c program files intel wireless bin ZCfgSvc exe quot mRun IntelWireless qu... Read more

A:Multiple Virus Infection: Trojan.Vundo, Trojan.VundoH, Trojan.BHO, Trojan.TDSS, Trojan.Agent, Trojan.Downloader, Malware.Trace...

My name is BHowett and I will be helping you to get sorted. If for any reason you do not understand any of the instructions, or are just unsure then please do not guess , simply post back with your question, and we will go through it again. This seems like a tech issue and not a malware problem, but lets take a look and see what we find.Sorry for the delay, please do the following...ComboFix Please ownload ComboFix from Here or Here* IMPORTANT !!! Save ComboFix.exe to your DesktopDisable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link : Protective Programs
Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:Click on Yes, to continue scanning for malware.When finished, it shall produce a log for you. Please include the C:\ComboFix.txt, and a fresh Hijackthis log in your next reply.Do not mouse-click Combofix's window while it is running. That may cause it to stall.

http://www.bleepingcomputer.com/forums/t/192902/multiple-virus-infection-trojanvundo-trojanvundoh-trojanbho-trojantdss-trojanagent-trojandownloader-malwaretrace-prunnet/
Relevancy 43.43%

Referred from here http www bleepingcomputer com forums t help-needed-trojan-virus-detected OBHello I Detected name:Trojan.Win32.Tdss.axqv) Quarantined (Virus and Virus Trojan visited a website two days ago and downloaded an exe file When i clicked on the link the file disappeared and Rogers Online Protection in Canada by Rogers Communications notified me of a trojan virus intrusion that was quarantined I had it deleted in the middle of a full system scanning process while I was online with my infected laptopTried to run malwarebytes and couldn't update the software I noticed that although I couldn't access malwarebytes org I could run some other websites which told me that the virus was still present in my system I had started to receive random popups and disconnected my laptop Please note that I have not Trojan Virus Detected and Quarantined (Virus name:Trojan.Win32.Tdss.axqv) gone online from my Trojan Virus Detected and Quarantined (Virus name:Trojan.Win32.Tdss.axqv) laptop ever since I am presently using a clean computer to communicate as well as download installers updates from this forum Another thing to be noted is that I downloaded installers for DDS Defogger and GMER on my clean computer and transferred to my infected laptop using a USB flash drive I assume this is a safe Trojan Virus Detected and Quarantined (Virus name:Trojan.Win32.Tdss.axqv) procedure as I don't want to risk going online with my infected laptop I have scanned my usb drive for viruses using Kaspersky Anti- Virus on my clean computer and no threats were detected I have reformatted the usb drive just to be sure Have been following instructions outlined by boopme from Am I infected What do I do forum so far and did not face any problems running the applications ATF and SUPER on my laptop Now for some concerns- I have noticed some strange folders like for example a C Documents and Settings All Users JohnC which I did not create and is still present Suspicious looking text file with strange characters in C Temp cb syscheck txtThere might be as well other infected folders on my system and would like help identifying and deleting these infected folders I have disk partition on my system C and D and the virus seems to have affected only the C drive Could it have affected the D drive This might sound silly but I have somef Word documents e-books and mp s that I am created downloaded in C drive Are these virus safe and can I transfer them to a blank DVD Going to the technical stuff I am posting the requested DDS log and have made attachments Just a note here I didn't any disable scipt-blocking programs I am not sure how Did not receive any warnings stating any interference of script-blocking programs I am guessing this process didn't go well DDS Ver - - - FAT x Run by Twinkle at on Internet Explorer BrowserJavaVersion Microsoft Windows XP Professional GMT - AV Rogers Online Protection Anti-Virus On-access scanning enabled Updated B A BD - - -AEA -C BB B AV Norton Security Online On-access scanning disabled Updated E A - - -B - C C F FW Rogers Online Protection Firewall enabled BF -D - EC -ADAE-A F DFC A FW Norton Security Online enabled C A C -F F- AC -B -A E C F Running Processes C WINDOWS system svchost -k DcomLaunchSVCHOST EXEC WINDOWS System svchost exe -k netsvcsC WINDOWS system svchost exe -k WudfServiceGroupC Program Files Rogers Online Protection Rogers Online Protection Fws exeSVCHOST EXEC WINDOWS system spoolsv exeSVCHOST EXEC Acer eManager anbmServ exeSVCHOST EXEC Program Files Java jre bin jqs exeC Program Files Common Files Symantec Shared PIF B E DD - - c -B F- F FCA A PIFSvc exeC Program Files Raxco PerfectDisk PDAgent exeC WINDOWS system svchost exe -k imgsvcC Program Files Raxco PerfectDisk PDEngine exeC WINDOWS Explorer EXEC Program Files Rogers Online Protection Rogers Online Protection rps exeC Program Files Rogers Online Protection Rogers Online Protection RpsSecurityAwareR exeC Program Files Synaptics SynTP SynTPLpr exeC Program Files S... Read more

A:Trojan Virus Detected and Quarantined (Virus name:Trojan.Win32.Tdss.axqv)

Hi,Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.Please reply to this post so I know you are there.The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.Once I receive a reply then I will return with your first instructions.Thanks

http://www.bleepingcomputer.com/forums/t/302776/trojan-virus-detected-and-quarantined-virus-nametrojanwin32tdssaxqv/
Relevancy 42.57%

FRST LOG Scan result of Farbar Recovery Scan Tool FRST txt x Version - - Ran by Ariana administrator on ARIANA-PC on - - Running from C Users Ariana DownloadsLoaded Profiles Ariana Available profiles Ariana Platform Windows Home Premium Service Pack X OS Language English United States Internet Explorer Version Default browser Chrome Boot Mode NormalTutorial for Farbar Recovery Scan Tool http www geekstogo com forum topic -frst-tutorial-how-to-use-farbar-recovery-scan-tool Processes Whitelisted If an entry is included in the fixlist the process will be scan seing Infected for virus? Trojan alert for pop-ups virus with Keep Trojan! closed The file will not be moved Microsoft Corporation C Windows System wlanext exe Broadcom Corporation C Program Files Broadcom Broadcom Network Adapter WLTRYSVC EXE Broadcom Corporation C Program Files Broadcom Broadcom Network Adapter BCMWLTRY EXE Microsoft Corporation C Program Files x Microsoft BingBar SeaPort EXE Broadcom Corporation C Program Files WIDCOMM Bluetooth Software btwdins exe Acer Incorporated C Program Files x Acer AOP Infected with Trojan virus? Keep seing pop-ups for virus scan alert for Trojan! Framework CCDMonitorService exe Dritek System Inc C Program Files x Launch Manager dsiwmis exe Acer Incorporated C Program Files Acer Acer ePower Management ePowerSvc exe Dritek System Inc C Program Files x Launch Manager LMutilps exe Acer Incorporated C Program Files x Acer Registration GREGsvc exe Intel reg Corporation C Program Files Intel iCLS Client HeciServer exe Intel Corporation C Program Files x Intel Intel reg Management Engine Components DAL Jhi service exe Acer Incorporated C Program Files Acer Acer Updater UpdaterService exe Malwarebytes Corporation C Program Files x Malwarebytes Anti-Malware mbamscheduler exe McAfee Inc C Program Files x McAfee Common Framework FrameworkService exe McAfee Inc C Program Files x McAfee VirusScan Enterprise VsTskMgr exe McAfee Inc C Windows System mfevtps exe McAfee Inc C Program Files x McAfee VirusScan Enterprise mfeann exe McAfee Inc C Program Files x McAfee Common Framework naPrdMgr exe NTI Corporation C Program Files x NTI Acer Backup Manager IScheduleSvc exe Nuance Communications Inc C Program Files x Nuance PaperPort PDFProFiltSrvPP exe McAfee Inc C Program Files Common Files McAfee SystemCore mcshield exe Realtek Semiconductor C Program Files Realtek Audio HDA RAVCpl exe Realtek Semiconductor C Program Files Realtek Audio HDA RAVBg exe Acer Incorporated C Program Files Acer Acer ePower Management ePowerTray exe Intel Corporation C Windows System igfxpers exe Intel Corporation C Windows System igfxsrvc exe Intel Corporation C Windows System hkcmd exe Broadcom Corporation C Program Files Broadcom Broadcom Network Adapter WLTRAY EXE Acresso Corporation C ProgramData FLEXnet Connect ISUSPM exe Intel Corporation C Windows System igfxext exe Broadcom Corporation C Program Files WIDCOMM Bluetooth Software BTTray exe Acer Incorporated C Program Files Acer Acer ePower Management ePowerEvent exe McAfee Inc C Program Files x McAfee Common Framework UdaterUI exe McAfee Inc C Program Files x McAfee Common Framework McTray exe Dritek System Inc C Program Files x Launch Manager LManager exe Dritek System Inc C Program Files x Launch Manager MMDx Fx exe Dritek System Inc C Program Files x Launch Manager LMworker exe Adobe Systems Inc C Program Files x Adobe Acrobat Acrobat acrotray exe Intel Corporation C Program Files x Intel Intel reg USB eXtensible Host Controller Driver Application iusb mon exe Nuance Communications Inc C Program Files x Nuance PaperPort pptd nt exe Nuance Communications Inc C Program Files x Nuance PDF Viewer Plus pdfPro Hook exe Brother Industries Ltd C Program Files x Browny Brother BrStMonW exe Microsoft Corporation C Windows SysWOW rundll exe Acer Incorporated C Program Files x Acer AOP Framework BackgroundAgent exe C Program Files x Acer abDocs abDocsDllLoader exe Brother Industries Ltd C Program Files x ControlCente... Read more

A:Infected with Trojan virus? Keep seing pop-ups for virus scan alert for Trojan!

Hi & to Bleeping Computer Forums!My name is Jürgen and I will be assisting you with your Malware related problems.Before we move on, please read the following points carefully: My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.Perform everything in the correct order. Sometimes one step requires the previous one.If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.If I don't reply within 24 hours please PM me!Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.Step 1Please download Powelikscleaner (by ESET) and save it to your Desktop.Double-click the to start the tool.Read the terms of the End-user license agreement and click Agree if you agree to them.The tool will run automatically. If the cleaner finds a Poweliks infection, press the Y key on your keyboard to remove it.If Poweliks was detected "Win32/Poweliks was successfully removed from your system" will be displayed. Press any key to exit the tool and reboot your PC.The tool will produce a log in the same directory the tool was run from.Please copy and paste the log in your next reply.Step 2Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)Temporary disable your AntiVirus and AntiSpyware protection - instructions here.Right-click on icon and select Run as Administrator to start the tool.Wait patiently until the main console will appear, it may take a minute or two.In the main box please paste in the following script:process;
services-list;
systemspecs;
startupall;
filesrcm;
Make sure that Scan All Users option is checked.Push Run Script and wait patiently. The scan may take a couple of minutes.When the scan completes, a zoek-results logfile should open in notepad.If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)Post its content into your next reply.

http://www.bleepingcomputer.com/forums/t/564437/infected-with-trojan-virus-keep-seing-pop-ups-for-virus-scan-alert-for-trojan/
Relevancy 42.57%

FRST LOG Scan result of Farbar Recovery Scan Tool FRST txt x Version - - Ran by Ariana administrator on ARIANA-PC on - - Running from C Users Ariana DownloadsLoaded Profiles Ariana Available profiles Ariana Platform Windows Home Premium Service Pack X OS Language English United scan with Trojan! alert for virus virus? Keep Infected seing for pop-ups Trojan States Internet Explorer Version Default browser Chrome Boot Mode NormalTutorial for Farbar Recovery Scan Tool http www geekstogo com forum topic Infected with Trojan virus? Keep seing pop-ups for virus scan alert for Trojan! -frst-tutorial-how-to-use-farbar-recovery-scan-tool Processes Whitelisted If an entry is included in the fixlist the process will be closed The file will not be moved Microsoft Corporation C Windows System wlanext exe Broadcom Corporation C Program Files Broadcom Broadcom Network Adapter WLTRYSVC EXE Broadcom Corporation C Program Files Broadcom Broadcom Network Adapter BCMWLTRY EXE Microsoft Corporation C Program Files x Microsoft BingBar SeaPort EXE Broadcom Corporation C Program Files WIDCOMM Bluetooth Software btwdins exe Acer Incorporated C Program Files x Acer AOP Framework CCDMonitorService exe Dritek System Inc C Program Files x Launch Manager dsiwmis exe Acer Incorporated C Program Files Acer Acer ePower Management ePowerSvc exe Dritek System Inc C Program Files x Launch Manager LMutilps exe Acer Incorporated C Program Files x Acer Registration GREGsvc exe Intel reg Corporation C Program Files Intel iCLS Client HeciServer exe Intel Corporation C Program Files x Intel Intel reg Management Engine Components DAL Jhi service exe Acer Incorporated C Program Files Acer Acer Updater UpdaterService exe Malwarebytes Corporation C Program Files x Malwarebytes Anti-Malware mbamscheduler exe McAfee Inc C Program Files x McAfee Common Framework FrameworkService exe McAfee Inc C Program Files x McAfee VirusScan Enterprise VsTskMgr exe McAfee Inc C Windows System mfevtps exe McAfee Inc C Program Files x McAfee VirusScan Enterprise mfeann exe McAfee Inc C Program Files x McAfee Common Framework naPrdMgr exe NTI Corporation C Program Files x NTI Acer Backup Manager IScheduleSvc exe Nuance Communications Inc C Program Files x Nuance PaperPort PDFProFiltSrvPP exe McAfee Inc C Program Files Common Files McAfee SystemCore mcshield exe Realtek Semiconductor C Program Files Realtek Audio HDA RAVCpl exe Realtek Semiconductor C Program Files Realtek Audio HDA RAVBg exe Acer Incorporated C Program Files Acer Acer ePower Management ePowerTray exe Intel Corporation C Windows System igfxpers exe Intel Corporation C Windows System igfxsrvc exe Intel Corporation C Windows System hkcmd exe Broadcom Corporation C Program Files Broadcom Broadcom Network Adapter WLTRAY EXE Acresso Corporation C ProgramData FLEXnet Connect ISUSPM exe Intel Corporation C Windows System igfxext exe Broadcom Corporation C Program Files WIDCOMM Bluetooth Software BTTray exe Acer Incorporated C Program Files Acer Acer ePower Management ePowerEvent exe McAfee Inc C Program Files x McAfee Common Framework UdaterUI exe McAfee Inc C Program Files x McAfee Common Framework McTray exe Dritek System Inc C Program Files x Launch Manager LManager exe Dritek System Inc C Program Files x Launch Manager MMDx Fx exe Dritek System Inc C Program Files x Launch Manager LMworker exe Adobe Systems Inc C Program Files x Adobe Acrobat Acrobat acrotray exe Intel Corporation C Program Files x Intel Intel reg USB eXtensible Host Controller Driver Application iusb mon exe Nuance Communications Inc C Program Files x Nuance PaperPort pptd nt exe Nuance Communications Inc C Program Files x Nuance PDF Viewer Plus pdfPro Hook exe Brother Industries Ltd C Program Files x Browny Brother BrStMonW exe Microsoft Corporation C Windows SysWOW rundll exe Acer Incorporated C Program Files x Acer AOP Framework BackgroundAgent exe C Program Files x Acer abDocs abDocsDllLoader exe Brother Industries Ltd C Program Files x ControlCente... Read more

http://www.bleepingcomputer.com/forums/t/564436/infected-with-trojan-virus-keep-seing-pop-ups-for-virus-scan-alert-for-trojan/
Relevancy 42.57%

My pc is infected by following viruses Trojan Fakeavalert Trojan Peacomm D Trojan Perfcoo Trojan Pandex Downloader Dialer Trojan Trojan Horse Please let me know the steps for removal of these threats I am attaching a logfile from HijackThis for your reference Logfile of Trend Micro HijackThis v BETA Scan saved at on Platform Windows XP SP WinNT Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass Trojan.Peacomm.D, (Trojan.fakeavalert, Multiple virus Trojan.Perfcoo) Solved: damage exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Common Files Symantec Shared ccEvtMgr exe C WINDOWS system spoolsv exe C WINDOWS system aspimgr exe C Program Files Symantec Client Security Symantec AntiVirus DefWatch exe C Program Files Symantec Client Security Symantec AntiVirus Rtvscan exe C WINDOWS Explorer exe C WINDOWS system HPZipm exe C Program Files Common Files Symantec Shared ccApp exe C WINDOWS system printer exe C PROGRA SYMANT SYMANT vptray exe C Program Files Java jre bin jusched exe C Program Files Adobe Reader Reader Reader sl exe C Program Files MSN Messenger MsnMsgr Exe C WINDOWS system svchost exe C Program Files Adobe Acrobat Distillr AcroTray exe C Program Files American Solved: Multiple virus damage (Trojan.fakeavalert, Trojan.Peacomm.D, Trojan.Perfcoo) Systems Print Screen Deluxe psdeluxe exe C Program Files Internet Explorer IEXPLORE EXE C WINDOWS system wscntfy exe C Program Files MSN Messenger usnsvc exe C Solved: Multiple virus damage (Trojan.fakeavalert, Trojan.Peacomm.D, Trojan.Perfcoo) WINDOWS system wuauclt exe C Documents and Settings varma Desktop HiJackThis v exe F - REG system ini Shell Explorer exe C WINDOWS system printer exe F - REG system ini UserInit C WINDOWS system userinit exe rundll exe C WINDOWS system winsys dll start O - BHO IEHlprObj Class - ABCDECF - B - D -ABED- C - C WINDOWS system vtr dll file missing O - HKLM Run ccApp quot C Program Files Common Files Symantec Shared ccApp exe quot O - HKLM Run vptray C PROGRA SYMANT SYMANT vptray exe O - HKLM Run WinAVX C WINDOWS system WinAvXX exe O - HKLM Run xydzyh C WINDOWS system xydzyh exe O - HKLM Run SunJavaUpdateSched quot C Program Files Java jre bin jusched exe quot O - HKLM Run startdrv C WINDOWS Temp startdrv exe O - HKLM Run HP SchedIndexer C Program Files Hewlett-Packard LaserJet xx hppschedindexer exe O - HKLM Run HP AutoIndexer C Program Files Hewlett-Packard LaserJet xx hppautoindexer exe O - HKLM Run DoNotDelete C WINDOWS system explore exe O - HKLM Run Adobe Reader Speed Launcher quot C Program Files Adobe Reader Reader Reader sl exe quot O - HKCU Run WinAVX C WINDOWS system WinAvXX exe O - HKCU Run MsnMsgr quot C Program Files MSN Messenger MsnMsgr Exe quot background O - Startup Print Screen Deluxe lnk C Program Files American Systems Print Screen Deluxe psdeluxe exe O - Startup system exe O - Global Startup Acrobat Assistant lnk C Program Files Adobe Acrobat Distillr AcroTray exe O - Global Startup autorun exe O - HKLM Software Microsoft Windows CurrentVersion Policies System DisableRegedit O - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dll O - Extra Tools menuitem Sun Java Console - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dll O - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - Extra Tools menuitem Windows Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - Plugin for spop C Program Files Internet Explorer Plugins NPDocBox dll O - HKLM System CCS Services Tcpip DE F B D- C - AA- D- F F FF NameServer O - AppInit DLLs C WINDOWS system sulimo dat O - SharedTaskScheduler Browseui preloader - C -A BA- D -B B- A C E - C WINDOWS system browseui dll O - SharedTaskScheduler Component Categories cache daemon - C EF- B - d -BE - C - C WINDOWS system br... Read more

A:Solved: Multiple virus damage (Trojan.fakeavalert, Trojan.Peacomm.D, Trojan.Perfcoo)

Download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
--------------------------------------------------------------------
1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
--------------------------------------------------------------------

Double click on combofix.exe & follow the prompts.

When finished, it will produce a report for you.
Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.

**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**
 

https://forums.techguy.org/threads/solved-multiple-virus-damage-trojan-fakeavalert-trojan-peacomm-d-trojan-perfcoo.650430/
Relevancy 41.28%

Hello all I have noticed my computer freezing and going to sites www abigaildiets Packed.Noper--Trojan horse... Identified go Won't horse just Multiple Trojans Away(Virus Virus and that Generic14.ZYF--Trojan com so fat loss site I didnt click So I installed AVG and PC-Tool Spyware docter they pick up most of the viruses Multiple Trojans and Virus that just Won't go Away(Virus Identified Packed.Noper--Trojan horse Generic14.ZYF--Trojan horse... but there were viruses that just wont go away it detects it but everytime i start up it picks it up again as if it was never deleted The infections are as detected by AVG Anti-Virus everytime I start up Virus Identified Packed NoperTrojan horse Generic ZYFTrojan horse SpamBot wMy HJT is as follows Logfile of Trend Micro HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Boot mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system csrss exeC Multiple Trojans and Virus that just Won't go Away(Virus Identified Packed.Noper--Trojan horse Generic14.ZYF--Trojan horse... WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS system svchost exeC WINDOWS System svchost exeC WINDOWS system svchost exeC WINDOWS system svchost exeC WINDOWS system spoolsv exeC DOCUME WENTAO LOCALS Temp d exeC DOCUME WENTAO LOCALS Temp d exeC WINDOWS msd exeC PROGRA AVG AVG avgwdsvc exeC Program Files Bonjour mDNSResponder exeC Program Files Java jre bin jqs exeC Program Files Microsoft Office Office GrooveMonitor exeC MATLAB p p webserver bin win matlabserver exeC Program Files Adobe Acrobat Distillr Acrotray exeC Program Files Java jre bin jusched exeC Program Files Spyware Doctor pctsTray exeC Program Files Spyware Doctor pctsAuxs exeC Program Files Messenger msmsgs exec matlab p p bin win matlab exeC Program Files DNA btdna exeC Program Files DAEMON Tools Lite daemon exeC WINDOWS system igfxtray exeC PROGRA LAUNCH LManager exeC WINDOWS system hkcmd exeC WINDOWS system igfxpers exeC WINDOWS Fonts j j j exeC PROGRA AVG AVG avgtray exeC WINDOWS system igfxsrvc exeC Program Files Wallpaper Master Wallpaper exeC Program Files Synaptics SynTP SynTPEnh exeC PROGRA AVG AVG avgrsx exeC PROGRA AVG AVG avgnsx exeC WINDOWS system svchost exeC WINDOWS system wdfmgr exeC WINDOWS system igfxext exeC WINDOWS System svchost exeC Program Files Internet Explorer iexplore exeC Program Files Spyware Doctor pctsSvc exeC WINDOWS system ctfmon exeC WINDOWS system ctfmon exeC DOCUME WENTAO LOCALS Temp ctv exeC Documents and Settings wentao zhang Local Settings Application Data Google Chrome Application chrome exeC WINDOWS explorer exeC Documents and Settings wentao zhang Local Settings Application Data Google Chrome Application chrome exeC Documents and Settings wentao zhang Local Settings Application Data Google Chrome Application chrome exeC Program Files Internet Explorer IEXPLORE EXEC Program Files Java jre bin java exeC Program Files AVG AVG avgui exeC Program Files AVG AVG avgcsrvx exeC Program Files Trend Micro HijackThis HijackThis exeR - HKCU Software Microsoft Internet Explorer Main Start Page http www ask com o amp l disR - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride localR - URLSearchHook AVG Security Toolbar BHO - A BC A - F - -AA - D C - C Program Files AVG AVG Toolbar IEToolbar dllR - URLSearchHook no name - CFBFAE - A - D - CB- C FD - no file R - URLSearchHook no name - C E B- - A - B- B BEFC DB - no file O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dllO - BHO WormRadar com IESiteBlocker NavFilter - ca f - f e- b -a e- e e c c - C Program Files AVG AVG avgssie dllO - BHO Groove GFS Browser Helper - - C - D -B F - BBC D A E - C PROGRA MICROS Office GRA E DLLO - BHO AVG Security Toolbar BHO - a bc a - f - -aa - d c - C Program Files AVG AVG Toolbar IEToolbar dllO - BHO AcroIEToolbarHelper Class - A... Read more

A:Multiple Trojans and Virus that just Won't go Away(Virus Identified Packed.Noper--Trojan horse Generic14.ZYF--Trojan horse...

Hello! My name is Sam and I will be helping you. In order to see what's going on with your computer I will ask for you to post various logs from the tools that we will use to resolve your issue. Please also share with me any information about how your computer is reacting and behaving each step of the way as we work through this process.We need to create an OTL ReportPlease download OTL from hereSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Push the "Run Scan" button.The scan should take just a few minutes.Copy the log that opens up and paste it back here in your next reply.=============The next log will show us any hidden files that are present.Download RootRepeal from the following location and save it to your desktop.Direct Download (Recommended)Primary MirrorSecondary MirrorSecondary MirrorSecondary MirrorZip Mirrors (Recommended if you have a slower connection or if the Direct Download mirror is down)
Primary MirrorSecondary MirrorSecondary MirrorRar Mirrors - Only if you know what a RAR is and can extract it.
Primary MirrorSecondary MirrorSecondary MirrorExtract RootRepeal.exe from the archive (If you did not use the "Direct Download" mirror).Open on your desktop.Click the tab.Click the button.Check all seven boxes: Push OkCheck the box for your main system drive (Usually C:), and press Ok.Allow RootRepeal to run a scan of your system. This may take some time.Once the scan completes, push the button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.

http://www.bleepingcomputer.com/forums/t/252006/multiple-trojans-and-virus-that-just-wont-go-awayvirus-identified-packednoper-trojan-horse-generic14zyf-trojan-horse-spambotw/
Relevancy 39.99%

This is my first post on this site and I turn to you in desparation 2008 Trojan Anti / Anti Horse Downloader.fraudload.p Xp Virus Virus/trojan, I m not sure if I have two problems or one problem manifesting itself in two different ways which is why I have combined this post I have somehow gained a programme named quot Antivirus quot which is constantly warning me that I have Anti Virus/trojan, Anti Virus Xp 2008 / Trojan Horse Downloader.fraudload.p viruses on my computer When this initially started I ran my free Anti Virus/trojan, Anti Virus Xp 2008 / Trojan Horse Downloader.fraudload.p copy of AVG This warned me Anti Virus/trojan, Anti Virus Xp 2008 / Trojan Horse Downloader.fraudload.p of the presence of Trojan Horses but it was unable to remove them The full version of AVG would I was assured sort the problem In a moment of madness I then purchased the full AVG programme On running AVG it informed me of the presence of a huge number of trojan horses and offered to heal them I accepted that option and was informed that the trojans had been healed or maybe it was removed sent to the vault - to be honest I m getting a bit punch drunk now and I m not really sure Following this AVG quot Resident Shield Alerts quot keep popping up every - seconds warning me of more Trojan horses When I click quot Remove Threats quot or quot Heal quot sometimes I get a warning reply quot Some files could not be found quot Sometimes I don t Either way it doesnt make any difference - the next warning pops up about seconds later This is true whether I tick the quot power user quot box or not The exact details given by AVG are File Name C WINDOWS system ppchcgq j elfv exe Threat Name Trojan horse Downloader FraudLoad p Detected on Open Process Name C programfiles rhclq j e fv rhclq j e fv exe Process ID With regards to the Antivirus XP which I think has been the root cause of the problem I have tried quot START quot quot Control Panel quot quot Add Remove Programmes quot but get the error message quot An error occurred while trying to remove It may have been already un-installed Would you like to remove AntivirXP from the Add Remove Programmes list quot Any advice would be appreciated I am not by the way the smothest operator so any advice needs to be prtty much key stroke by keystroke Thanks The Darg

A:Anti Virus/trojan, Anti Virus Xp 2008 / Trojan Horse Downloader.fraudload.p

Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself.Press the OK button to close that box and continue.If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".Click OK to close the message box and continue with the removal process.Back at the main Scanner screen:Click on the Show Results button to see a list of any malware that was found.Make sure that everything is checked, and click Remove Selected.When removal is completed, a log report will open in Notepad.The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply and exit MBAM.Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. MBAM may make changes to your registry as part of its disinfection routine. If you're using other security programs that detect registry changes, they may alert you after scanning with MBAM. Please permit the program to allow the changes.

http://www.bleepingcomputer.com/forums/t/169425/anti-virustrojan-anti-virus-xp-2008-trojan-horse-downloaderfraudloadp/
Relevancy 39.56%

Hi Trojan. Gen.Trojan.!TK, Virus.Win32.Trojan!TK, Generi!TK I was referred to this site by Fax from Zone Alarm forum I found these and others viruses and malware wit WEB Gen.Trojan.!TK, Virus.Win32.Trojan!TK, Trojan. Generi!TK DR and A I had in my computer before I isntalled Online Armor A and Web DR These programs Avast Zone Alarm PRO Zone Alarm Forcefield Adware Malabyte Spywareblaster and XofSpye DDS Ver - - - FAT x Run by Fernando at on Mon Internet Explorer Microsoft Windows XP Home Edition Gen.Trojan.!TK, Virus.Win32.Trojan!TK, Trojan. Generi!TK GMT - Running Processes C WINDOWS system svchost -k DcomLaunch SVCHOST EXE C WINDOWS System svchost exe -k netsvcs SVCHOST EXE C Program Files Tall Emu Online Armor OAcat exe C Program Files Tall Emu Online Armor oasrv exe C Program Files Alwil Software Avast aswUpdSv exe C Program Files CheckPoint ZAForceField IswSvc exe C Program Files Alwil Software Avast ashServ exe C WINDOWS system LEXBCES EXE C WINDOWS system spoolsv exe C WINDOWS system LEXPPS EXE SVCHOST EXE C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Files Bonjour mDNSResponder exe C WINDOWS System svchost exe -k HTTPFilter C Program Files Java jre bin jqs exe C Program Files Microsoft SQL Server Shared sqlwriter exe C WINDOWS System svchost exe -k imgsvc C Program Files Alwil Software Avast ashMaiSv exe C Program Files Alwil Software Avast ashWebSv exe C Program Files Google Update GoogleUpdate exe C WINDOWS Explorer EXE C PROGRA ALWILS Avast ashDisp exe C PROGRA VERIZO HELPSU VERIZO EXE C Program Files Tall Emu Online Armor oaui exe C WINDOWS system ctfmon exe C Program Files Common Files Verizon Online ConnMgr cmisrv exe C Program Files Tall Emu Online Armor OAhlp exe C Program Files Common Files Verizon Online AppMgr vzOpenUIServer exe C WINDOWS system taskmgr exe C Program Files a-squared Free a service exe C Program Files Internet Explorer IEXPLORE EXE C Program Files Internet Explorer IEXPLORE EXE C Program Files Internet Explorer IEXPLORE EXE C Documents and Settings Fernando Desktop dds scr C Documents and Settings Fernando Desktop dds scr Pseudo HJT Report uStart Page hxxp www mail com uInternet Settings ProxyOverride local uURLSearchHooks amp Yahoo Toolbar ef bd -c fb- d - f- d f - c program files yahoo companion installs cpn yt dll BHO AskBar BHO f d - - d - c -aa e ed - c program files askbardis bar bin askBar dll BHO MyBHO Class db c - c - c-a -bd a a b - c program files readonweb cleanpage ReadonwebToolbar dll BHO ForceField Toolbar Registrar a a c - - d c-bd d- cb eed e - c program files checkpoint zaforcefield trustchecker bin TrustCheckerIEPlugin dll BHO Advertising Cookie Opt-out e eb -adbd- -b e - bb decf - c program files google advertising cookie opt-out opt out dll BHO Java Plug-In SSV Helper dbc -a - b-bc - c c c a - c program files java jre bin jp ssv dll BHO JQSIEStartDetectorImpl Class e e f - ce- c -bc -eabfe f c - c program files java jre lib deploy jqs ie jqs plugin dll BHO CleanPageBHO Class f e ab- c - e - bad- d bec bb - c program files readonweb cleanpage CleanPage dll TB ForceField Toolbar ee ac e -b b - ec - a -bca a ab - c program files checkpoint zaforcefield trustchecker bin TrustCheckerIEPlugin dll TB ReadonwebToolbar b d c- ab- db- d f-e aab f - c program files readonweb cleanpage ReadonwebToolbar dll TB Foxit Toolbar d e-fd b- e -b - d b f - c program files askbardis bar bin askBar dll TB F C - FB - FE-BA - E DDE - No File TB D D FC-B D- BB - DB- A D E - No File TB amp Yahoo Toolbar ef bd -c fb- d - f- d f - c program files yahoo companion installs cpn yt dll TB FE A - C- - F-C BC CB - No File TB C C E-F - EC - F -DF C C E CB - No File TB DB BFA -A E - E- E A-C D CBF - No File TB C -F E- AA-B -E E BCFD - No File EB BBE - E - D -AD - D AD - No File EB - a - b-a - c a a - No File uRun ctfmon exe c windows system ctfmon exe uRun Advanced SystemCare quot c program files iobit advanced systemca... Read more

A:Gen.Trojan.!TK, Virus.Win32.Trojan!TK, Trojan. Generi!TK

Hello, neofito.My name is aommaster and I will be helping you with your log.I apologize for the delay in response we get overwhelmed at times but we are trying our best to keep up.If you have since resolved the original problem you were having would appreciate you letting us know. If not please perform the following below so I can have a look at the current condition of your machine.ThanksPlease note that I am in the process of my training so it may take a while for me to get back to you, as each of my fixes need to be checked by a coach first.We need to run RSITDownload random's system information tool (RSIT) by random/random and save it to your desktop.Double click on RSIT.exe.Click Continue at the disclaimer screen.Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)In your next reply, please include the following:Log.txtinfo.txt

http://www.bleepingcomputer.com/forums/t/241220/gentrojantk-viruswin32trojantk-trojan-generitk/
Relevancy 38.7%

Hello First I would like to say hello I have read these guidelines Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help For now I need to say that I didn t do the DDS Infections and Trojan Virus.Win32.Nimnul.a Virus Trojan.Win32.Lebag.agi and GMER logs From what I had deep in my memory I assumed that you will need a ComboFix log and HiJackThis log I have those ready to post Now I know ComboFix is used if everything else fails If you would need me to do those DDS and GMER logs I will gladly do it tomorrow So back Virus and Trojan Infections Virus.Win32.Nimnul.a Trojan.Win32.Lebag.agi to my problem I m fixing a computer of my friend Firstly I scanned his hard drive in my own PC and deleted or disinfected the infected files I also have a log from Kaspersky There were couple of Trojans trojan downloaders and also one Virus The next thing I have Virus and Trojan Infections Virus.Win32.Nimnul.a Trojan.Win32.Lebag.agi done is put the HDD back into his PC and boot the OS Oh it is Win XP Home SP -bit I ve browsed the running services via Administrative Tools in Control Panel I ve browsed startup objects with MSConfig also I ve deleted some registry entries that were suspicious to me Internet Explorer seemed to be infected but it could pretty well be the effect of multiple Toolbars installed for IE WinOptimizer toolbar AVG antivirus toolbar I managed to uninstall AVG free antivirus with a uninstall tool from AVG website Add amp Remove Programs entry was corrupt Also I uninstalled Kaspersky Internet Security I couldn t download instructions from the website even if the connection was up and running This Hewlett-Packard Suite was maybe still is heavily infected I managed to install Firefox and the web seemed to work Older installation of Mozilla was corrupt In the end I installed HiJackThis and get some logs Also I installed ComboFix and Windows Recovery Console This is the first time I m posting some logs with intention of getting help from more experienced users I find myself moderately experienced also Will gladly take help and enhance my own knowledge regarding Malware removal and ComboFix usage Attachements ComboFix log from Normal mode HiJackThis log from Normal mode ComboFix log from Safe mode earlier log from Kaspersky scan If I ve done something wrong regarding topic creation and if you need other logs please let me know With regards azorek

A:Virus and Trojan Infections Virus.Win32.Nimnul.a Trojan.Win32.Lebag.agi

Hi,Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.Please subscribe to this topic, if you haven't already. Click the Watch This Topic button at the top on the right.

Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

Please reply to this post so I know you are there.The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.Once I receive a reply then I will return with your first instructions.Thanks

http://www.bleepingcomputer.com/forums/t/389122/virus-and-trojan-infections-viruswin32nimnula-trojanwin32lebagagi/
Relevancy 38.7%

Topic Title edited to show original Post Title KoanYorelHi I posted original post on the th July and have not had a replyThanks for any help that may come my wayCheers Johttp www bleepingcomputer com forums t w -alcra-f-virus-trojan-popper-virus-with- -downloader-viruss I am so sorry for double posting for some reason I cant post in the ' havent had a reply in days 'I have also tried to clean up my computer since the original post so I will put my new HiJack This log in this posting hope that isnt a problem ThanksLogfile of HijackThis v Scan saved at PM on Platform 2 + Popper F. Virus W32 Alcra Downloader Virus Virus's, Trojan With Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exeC WINDOWS system W32 Alcra F. Virus + Trojan Popper Virus With 2 Downloader Virus's, csrss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS system svchost exeC WINDOWS System svchost exeC WINDOWS system svchost exeC WINDOWS system svchost exeC Program Files Common Files Symantec Shared ccSvcHst exeC WINDOWS Explorer EXEC Program Files Common Files Symantec Shared AppCore AppSvc exeC WINDOWS system spoolsv exeC Program Files Symantec LiveUpdate ALUSchedulerSvc exeC Program Files Common Files LightScribe LSSrvc exeC WINDOWS system NMSAccess exeC WINDOWS system nvsvc exeC WINDOWS system svchost exeC WINDOWS system wdfmgr exeC WINDOWS System alg exeC WINDOWS RTHDCPL EXEC Program Files HP HP Software Update HPwuSchd exeC Program Files QuickTime qttask exeC Program Files iTunes iTunesHelper exeC Program Files iPod bin iPodService exeC Program Files Java jre bin jusched exeC Program Files Nokia Nokia PC Suite LaunchApplication exeC Program Files MessengerPlus MsgPlus exeC Program Files Common Files Symantec Shared ccApp exeC Program Files MSGTAG MSGTAG exeC WINDOWS System svchost exeC Program Files Nokia Nokia PC Suite PcSync exeC Program Files SUPERAntiSpyware SUPERAntiSpyware exeC Program Files Common Files PCSuite Services ServiceLayer exeC PROGRA COMMON Nokia MPAPI MPAPI s exeC PROGRA INCRED bin IMApp exeC Program Files EarthView EarthView exeC Program Files Common Files Symantec Shared CCPD-LC symlcsvc exec windows system hpsysdrv exeC Program Files MSN Messenger usnsvc exeC Program Files Common Files Real Update OB realsched exeC Program Files Internet Explorer IEXPLORE EXEC Program Files HijackThis HijackThis exeR - HKCU Software Microsoft Internet Explorer Main Default Page URL http ie redirect hp com svs rdr TYPE a amp pf desktopR - HKCU Software Microsoft Internet Explorer Main Default Search URL http ie redirect hp com svs rdr TYPE a amp pf desktopR - HKLM Software Microsoft Internet Explorer Main Default Page URL http ie redirect hp com svs rdr TYPE a amp pf desktopR - HKLM Software Microsoft Internet Explorer Main Search Bar http ie redirect hp com svs rdr TYPE a amp pf desktopR - HKLM Software Microsoft Internet Explorer Main Start Page http my ebay com au ws eBayISAPI dll MyeBay amp MyeBay O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dllO - BHO no name - D - - dff-B A- E - C WINDOWS system ipv mons dllO - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dllO - BHO no name - E D - A- EC-A -BA D E E - no file O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dllO - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dllO - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dllO - HKLM Run IMJPMIG C WINDOWS IME imjp IMJPMIG EXE Spoil RemAdvDef Migration O - HKLM Run MSPY C WINDOWS system IME PINTLGNT ImScInst exe SYNCO - HKLM Run PHIME ASync C WINDOWS system IME TINTLGNT TINTSETP EXE SYNCO - HKLM Run PHIME A C WINDOWS system IME TINTLGNT TINTSETP EXE IMENameO - HKLM Run RTH... Read more

A:W32 Alcra F. Virus + Trojan Popper Virus With 2 Downloader Virus's,

Welcome to the BleepingComputer HijackThis Logs and Analysis forum magic23My name is Richie and i'll be helping you to fix your problems.Please download Combofix and save to your desktop:Note: It is important that it is saved directly to your desktop Close any open browsers. Double click on combofix.exe and follow the prompts. When it's finished it will produce a log. Post the entire contents of C:\ComboFix.txt into your next reply. Note: Do not mouseclick combofix's window while it's running. That may cause the program to freeze/hang. Also post a new Hijackthis log please.

http://www.bleepingcomputer.com/forums/t/99870/w32-alcra-f-virus-trojan-popper-virus-with-2-downloader-viruss/
Relevancy 38.27%

Hi Everyone Few days ago my dad opened an email which as you can see delivered all above viruses and trojans Since then I have been going through the logs and Virus, Bloodhound.Packed, Trojan Backdoor.Mutny, or Trojan.Startpage Dloader-FC and system registery and Trojan or Virus, Bloodhound.Packed, Backdoor.Mutny, Trojan.Startpage and Dloader-FC cleaning all the trojans I have used Symantec norton Ad-aware Spybot Xoftspy and few other spyware and adware removal tools I have gone through step by step removing each and every files explained in Many websites but the bloody thing keeps coming everytime I restart the pc Oh yes I have made a bootable cd and removed it from boot sector and memory as well but it didnt help dont laugh but i was so pissed off i was about to remove the motherboard battery haha joke Ok Im not too experienced in pc like you all but i do ok however I need your help First of all the pc is times slower I get a red desktop with few internet links in it ofcourse quot warning you have spyware click here to remove it quot I can not remove this desktop because everytime i go to remove it the mouse wont click on any other desktop picture in display properties Every time i loginto windows XP Pro SP I see about weired exe files loading in task manager THey are all in system directory i remove them then they show up with a different name such as QLP EXE or KPE EXE and ect THe most important effect is that I can not see the desktop files at all I only have Recycle bin and on the desktop I tried to search for the directories but they are not there however the search result shows them in C Desktop hows that possible there was not desktop in C all the users are supposed to be in document and setting then username then desktop What a virus The other problem is everytime I put something on the desktop it will double yes you read it right same name same extention haha im going creazy here I have restarted the pc and used hijackthis to get a log for you you can see a lot of stuff in host file I have tried to remove them even in safe mode it wont let me even after loging as admin I am about to format the bloody hard drive and lost all the files Please give me an ulternative please help Logfile of HijackThis v Scan saved at PM on Platform Windows XP WinNT MSIE Internet Explorer v Running processes C WINDOWS System smss exe C WINDOWS system csrss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS System Ati evxx exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS System svchost exe C WINDOWS System svchost exe C Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Common Files Symantec Shared SNDSrvc exe C Program Files Common Files Symantec Shared SPBBC SPBBCSvc exe C Program Files Common Files Symantec Shared ccEvtMgr exe C WINDOWS system spoolsv exe C WINDOWS system crypserv exe C Program Files Norton AntiVirus IWP NPFMntor exe C PROGRA TRENDM INTERN PcCtlCom exe C WINDOWS Explorer EXE C WINDOWS System svchost exe C Program Files Common Files Symantec Shared CCPD-LC symlcsvc exe C PROGRA TRENDM INTERN Tmntsrv exe C WINDOWS System wdfmgr exe C Program Files Common Files Symantec Shared ccApp exe C Program Files Norton AntiVirus navapsvc exe C Program Files XoftSpy XoftSpy exe C PROGRA TRENDM INTERN tmproxy exe C PROGRA TRENDM INTERN PccGuide exe C Desktop HijackThis exe C Program Files Messenger msmsgs exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL about blank R - HKLM Software Microsoft Internet Explorer Main Default Page URL about blank R - HKLM Software Microsoft Internet Explorer Search SearchAssistant about blank R - HKCU Software Microsoft Internet Explorer Main Local Page about blank R - Default URLSearchHook is missing O - Hosts www greg-tut com O - Hosts nylonsexy com O - Hosts www nylonsexy com O - Hosts vparivalka com O - Hosts www vparivalka comtoescrowpay com O - Hosts www awmdabest com O - Hosts www s... Read more

A:Trojan or Virus, Bloodhound.Packed, Backdoor.Mutny, Trojan.Startpage and Dloader-FC

run Kapersky as described here
http://forums.subratam.org/index.php?showtopic=3466&hl=bube

then download this attachment, to the desktop, rightclick it & rename it to fix.reg and double click it and say yes to the prompts to merge with the registry then post a new hjt log please

http://forums.techguy.org/attachment.php?attachmentid=53089
 

https://forums.techguy.org/threads/trojan-or-virus-bloodhound-packed-backdoor-mutny-trojan-startpage-and-dloader-fc.345993/
Relevancy 38.27%

A couple of days ago Win32 Trojan-gen Named A Do Off Solved: Computer!!! My Remove Trojan How Virus I I Solved: How Do I Remove A Trojan Virus Named Win32 Trojan-gen Off My Computer!!! got a trojan virus on my computer and I have no idea how to remove it I use avast antivirus and got the software needed - I think - such as CWShredder Hijack This v and XoftSpy v But I dont know how use them Please give me any advice THX email protected This is my log file if needed Logfile of HijackThis v Scan saved at on - - Platform Windows SE Win x A MSIE Internet Explorer v Running processes C WINDOWS SYSTEM KERNEL DLL C WINDOWS SYSTEM MSGSRV EXE C WINDOWS SYSTEM MPREXE EXE C WINDOWS SYSTEM mmtask tsk C WINDOWS SYSTEM MSTASK EXE C PROGRAM FILES ALWIL SOFTWARE AVAST ASHSERV EXE C WINDOWS EXPLORER EXE C WINDOWS SYSTEM RPCSS EXE C WINDOWS SYSTEM INTERNAT EXE C WINDOWS TASKMON EXE C WINDOWS SYSTEM SYSTRAY EXE C WINDOWS ptsnoop exe C WINDOWS SYSTEM STIMON EXE C PROGRAM FILES COMMON FILES CMEII CMESYS EXE C WINDOWS MXX EXE C PROGRAM FILES ALWIL SOFTWARE AVAST ASHMAISV EXE C PROGRAM FILES COREL GRAPHICS REGISTER REMIND EXE C WINDOWS TWAIN S U BX WATCH EXE C PROGRAM FILES COMMON FILES GMT GMT EXE C PROGRAM FILES PRECISIONTIME PRECISIONTIME EXE C WINDOWS SYSTEM WMIEXE EXE C WINDOWS SYSTEM RNAAPP EXE C WINDOWS SYSTEM TAPISRV EXE C HIJACKTHIS EXE R - HKCU Software Microsoft Internet Explorer Main Start Page http www wp pl R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www eu microsoft com poland R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName amp amp cza O - BHO no name - C DF A- E - E - AB -D F - C PROGRA TEXTWARE QUICKF PLUGINS IEHELP DLL O - BHO no name - E F-C D - D -B D- B D BE B - C PROGRAM FILES ADOBE ACROBAT CE READER ACTIVEX ACROIEHELPER OCX O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS SYSTEM MSDXM OCX O - Toolbar DashBar Toolbar - CC CDA - A - b - EF-D CA C B - C PROGRAM FILES DASHBAR DASHBAR DLL O - HKLM Run internat exe internat exe O - HKLM Run ScanRegistry C WINDOWS scanregw exe autorun O - HKLM Run TaskMonitor C WINDOWS taskmon exe O - HKLM Run SystemTray SysTray Exe O - HKLM Run LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM Run CountrySelection pctptt exe O - HKLM Run PTSNOOP ptsnoop exe O - HKLM Run StillImageMonitor C WINDOWS SYSTEM STIMON EXE O - HKLM Run Zasobnik systemowy SysTray Exe O - HKLM Run CMESys quot C PROGRAM FILES COMMON FILES CMEII CMESYS EXE quot O - HKLM Run Konfigurator C WINDOWS mxx exe --start O - HKLM Run ashMaiSv C PROGRA ALWILS AVAST ashmaisv exe O - HKLM RunServices LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM RunServices SchedulingAgent C WINDOWS SYSTEM mstask exe O - HKLM RunServices avast C Program Files Alwil Software Avast ashServ exe O - Startup Corel Registration lnk C Program Files Corel Graphics Register Remind exe O - Startup Watch lnk C WINDOWS TWAIN S U BX WATCH exe O - Startup GStartup lnk C Program Files Common Files GMT GMT exe O - Startup Microsoft Office lnk C Program Files Microsoft Office Office OSA EXE O - Startup PrecisionTime lnk C Program Files PrecisionTime PrecisionTime exe O - Startup Adobe Gamma Loader lnk C Program Files Common Files Adobe Calibration Adobe Gamma Loader exe O - Extra context menu item amp Download by NetAnts - C PROGRA NETANTS NAGet htm O - Extra context menu item Download amp All by NetAnts - C PROGRA NETANTS NAGetAll htm O - Extra button Related HKLM O - Extra Tools menuitem Show amp Related Links HKLM O - Extra button NetAnts HKLM O - Extra Tools menuitem amp NetAnts HKLM O - IERESET INF SEARCH PAGE URL O - IERESET INF START PAGE URL O - DPF D CDB E-AE D- CF- B - Shockwave Flash Object - http active macromedia com flash cabs swflash cab O - DPF A BA E - B - D -A - C EADE - http www private-pl com private exe O - DPF CBA A -E ED- D -A E- C EADE - http www private-pl com private exe O - DPF A A - DA - DAF-B - F E E ActiveScan Installer Class - http www pandaso... Read more

A:Solved: How Do I Remove A Trojan Virus Named Win32 Trojan-gen Off My Computer!!!

Hi Darekk1982

Welcome to TSG!

Run Hijack This again and put a check by these. Close all windows except HijackThis and click "Fix checked"

O3 - Toolbar: DashBar Toolbar - {CC90CDA0-74A0-45b4-80EF-D89CA8C249B8} - C:\PROGRAM FILES\DASHBAR\DASHBAR15.DLL

O4 - HKLM\..\Run: [Konfigurator] C:\WINDOWS\mxx.exe --start

O4 - Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe

O4 - Startup: PrecisionTime.lnk = C:\Program Files\PrecisionTime\PrecisionTime.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=

O14 - IERESET.INF: START_PAGE_URL=

Restart to safe mode.

How to start your computer in safe mode

First in safe mode click on My Computer then go to View > Folder Options. Click on the "View" tab and make sure "Show all files" is ticked and uncheck "Hide file extensions for known file types". Click "Like Current Folder" then click "Apply" then "OK"

Now find and delete:

The C:\PROGRAM FILES\COMMON FILES\CMEII folder
The C:\Program Files\PrecisionTime folder
The C:\WINDOWS\mxx.exe file
Go here and download Adaware 6 Build 181

Install the program and launch it.

First in the main window look in the bottom right corner and click on Check for updates now and download the latest referencefiles.

Make sure the following settings are made and on -------ON=GREEN

From main window :Click Start then Activate in-depth scan (recommended)

Click Use custom scanning options then click Customize and have these options selected: Under Drives and Folders put a check by Scan within archives and below that under Memory and Registry put a check by all the options there.

Now click on the Tweak button in that same window. Under Scanning engine select Unload recognized processes during scanning and under Cleaning Engine select Let windows remove files in use at next reboot

Click proceed to save your settings.

Now to scan just click the Next button.

When the scan is finished mark everything for removal and get rid of it.(Right-click the window and choose select all from the drop down menu and click Next)

Restart your computer.
Then go here and download Spybot Search & Destroy.

Install the program and launch it.

Before scanning press Online and Search for Updates .

Put a check mark at and install all updates.

Click Check for Problems and when the scan is finished let Spybot fix/remove all it finds marked in RED.

Restart your computer.
 

https://forums.techguy.org/threads/solved-how-do-i-remove-a-trojan-virus-named-win32-trojan-gen-off-my-computer.224610/
Relevancy 38.27%

Question sys detected potential hazard trojan spm lx I have what I presume is a fake windows security message that tells me to download a probable fake anti-spyware program on my Security Total Trojan, HTML/FakeAV spm/lx hazard trojan Virus, sons computer He was watching tv on computer and trying to log on to facebook the sound stopped he got a warning which closed before he could read it The browser worked HTML/FakeAV Trojan, Total Security Virus, hazard trojan spm/lx fb worked he minimized the browser and the desktop was blue there was a warning that said he had spyware and had to run a scan and he clicked on the red circle x's thinking that was McAfee and it didn't do anything so he disabled his internet so nothing further would happen last thing he downloaded was the movie a night or two before and it ran that night fine When I checked frostwire was running and I turned it off He's running Windows Xp and there are two red circular icons with a white X on the taskbar and task manager is greyed out when I right click the taskbar and if I ctrl alt del it's greyed out as well This is what pops up Attention System detected a potential hazard TrojanSPM LX on your computer that may infect executable files Your private information and PC safety is at risk To get rid of unwanted spyware and keep your computer safe you need to update your current security software Windows XP McAfee Security Center I googled the virus and came across a page from this website that said to run malware bytes so I did that and saved the log and did as instructed and it seemed to go away but my son got on here again and he said all he did was go on facebook and the virus came back oh and he watched tv on here So now I've gone to the right place here and followed all instructions for programs to run and have attached them DDS Ver - - - NTFSx Run by HP Administrator at on Tue Internet Explorer BrowserJavaVersion Microsoft Windows XP Professional GMT - AV McAfee VirusScan On-access scanning enabled Updated B EE - - CDE-A A-DD BA FAD FW McAfee Personal Firewall enabled B - C F- -BDA - CA DA E Running Processes C WINDOWS system svchost -k DcomLaunch svchost exe C WINDOWS System svchost exe -k netsvcs svchost exe svchost exe C WINDOWS system spoolsv exe svchost exe C WINDOWS Explorer EXE C WINDOWS system ctfmon exe C WINDOWS ehome ehtray exe C WINDOWS RTHDCPL EXE C Program Files HP DigitalMedia Archive DMAScheduler exe C Program Files HP HP Software Update HPwuSchd exe C HP KBD KBD EXE C Program Files Java jre bin jusched exe C WINDOWS system rundll exe C Program Files MSN Toolbar Platform mswinext exe C Program Files Common Files Symantec Shared PIF B E DD - - c -B F- F FCA A PifSvc exe C Program Files McAfee com Agent mcagent exe C Program Files McAfee MBK McAfeeDataBackup exe C WINDOWS arservice exe C Program Files NETGEAR WPN wpn exe C Program Files Symantec LiveUpdate AluSchedulerSvc exe C Program Files IVT Corporation BlueSoleil BTNtService exe C Program Files Bonjour mDNSResponder exe svchost exe C WINDOWS eHome ehRecvr exe C WINDOWS eHome ehSched exe C Program Files Common Files LightScribe LSSrvc exe C PROGRA McAfee MSC mcmscsvc exe c PROGRA COMMON mcafee mna mcnasvc exe c PROGRA COMMON mcafee mcproxy mcproxy exe C PROGRA McAfee VIRUSS mcshield exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C Program Files McAfee MPF MPFSrv exe C Program Files Microsoft Search Enhancement Pack SeaPort SeaPort exe svchost exe C Program Files Common Files Symantec Shared CCPD-LC symlcsvc exe C WINDOWS system taskmgr exe C Program Files Common Files Microsoft Shared Windows Live WLIDSVC EXE C Program Files Common Files Microsoft Shared Windows Live WLIDSvcM exe C WINDOWS system dllhost exe C WINDOWS eHome ehmsas exe C WINDOWS System svchost exe -k HTTPFilter C Program Files Mozilla Firefox firefox exe C Program Files Microsoft Search Enhancement Pack SCServer SCServer exe C WINDOWS system wuauclt exe C Program Files Common Files Apple Mobile Device Sup... Read more

A:HTML/FakeAV Trojan, Total Security Virus, hazard trojan spm/lx

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.Please download OTL from following mirror:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Push the button.Two reports will open, copy and paste them in a reply here:OTL.txt <-- Will be openedExtra.txt <-- Will be minimizedIn the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.regards myrti

http://www.bleepingcomputer.com/forums/t/273806/htmlfakeav-trojan-total-security-virus-hazard-trojan-spmlx/
Relevancy 38.27%

my grandson's pc he has obviously been in -those- websites I have it in my place working on it .I'm looking for help getting this cleaned out please . could someone please help .I have tried ewido ,nod32 , trojan hunter. I do have highjack at the ready .
 

Relevancy 38.27%

About my computer I use a laptop with mozilla fox as my internet I used to get pop-ups from internet explorer which I never use The pop-ups stopped after I remove some threats w IObit Now I get frequent pop-ups and lags from mozilla I ve had this trojan called Trohan Win Vundo for about weeks now IObit Security Scan Yesterday I downloaded IObit because I needed something that wouldn t freeze lag during a scan I normally use comodo but it takes FOREVER and never finishes So IObit detected about threats and successfully removed them however threat couldn t be removed which was Trojan Win Vundo I got the location which was in c windows system (?) Virtumonde.dll, and Virus/Trojan infections: Trojan.Win32/Vundo, possibly MyWeb.MyWebSearch, more yanohide dll I tried finding for it but it wasn t there Also whenever I try to load my security programs I get a message from from IObit saying that c windows system yanohide dll wants to connect in order for it to run I blocked it obviously Spybot S amp D I also tried scanning Virus/Trojan infections: Trojan.Win32/Vundo, Virtumonde.dll, MyWeb.MyWebSearch, and possibly more (?) with spybot S amp D but it s been lagging lately and Idk why I had to stop it halfway since it lagged and stopped So far it detected MyWeb MyWebSearch I m guessing this is the cause of the pop-ups and virtumonde dll I wasn t able to remove any of these because like I said S amp D lagged and stopped So I had to exit out of it myself Malwarebytes Scan Lastly I tried to run malwarebytes but I kept getting a window that said that a file was missing I used this before and never gotten this So I re-downloaded like times but the same message came up I m hoping that you guys could help me remove these nasty things through my hijack log I forgot to mention that I keep getting a random error window from internet explorere saying quot Runtime error at F B quot I only get this when I run my security programs Also do you have any idea why my comodo securtiy lags stops when it s halfway through its scan Thank you for your time Here s the Hijack log Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system csrss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS system svchost exeC Program Files COMODO COMODO Internet Security cmdagent exeC WINDOWS system svchost exeC WINDOWS system svchost exeC WINDOWS Explorer EXEC WINDOWS system svchost exeC WINDOWS system svchost exeC WINDOWS system spoolsv exeC WINDOWS system svchost exeC Program Files Bonjour mDNSResponder exeC WINDOWS System svchost exeC Program Files IObit IObit Security IS srv exeC Program Files Java jre bin jqs exeC Program Files McAfee SiteAdvisor McSACore exeC WINDOWS system HPZipm exeC WINDOWS system svchost exeC Program Files Windows Media Player WMPNetwk exeC WINDOWS System alg exeC Program Files Common Files Real Update OB realsched exeC Program Files Microsoft Office Office GrooveMonitor exeC Program Files QuickTime qttask exeC Program Files Samsung EmoDio SMSTray exeC Program Files COMODO COMODO Internet Security cfp exeC Program Files IObit IObit Security IS tray exeC WINDOWS system ctfmon exeC Program Files Windows Media Player WMPNSCFG exeC Program Files ViiKiiDesktopPlugin ViiKiiDesktopPlugin exeC WINDOWS system rundll exeC Program Files Mozilla Firefox firefox exeC Program Files trend micro HijackThis HijackThis exeC WINDOWS system wbem wmiprvse exeR - HKCU Software Microsoft Internet Explorer Main Start Page http google com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Intern... Read more

A:Virus/Trojan infections: Trojan.Win32/Vundo, Virtumonde.dll, MyWeb.MyWebSearch, and possibly more (?)

Hello, ViaSarah.My name is aommaster and I will be helping you with your log.If you have since resolved the original problem you were having, I would appreciate you letting us know. If not please perform the following below so I can have a look at the current condition of your machine.ThanksWe need to run RSITDownload random's system information tool (RSIT) by random/random and save it to your desktop.Double click on RSIT.exe.Click Continue at the disclaimer screen.Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)In your next reply, please include the following:Log.txtinfo.txt

http://www.bleepingcomputer.com/forums/t/295763/virustrojan-infections-trojanwin32vundo-virtumondedll-mywebmywebsearch-and-possibly-more/
Relevancy 38.27%

I have ran continuous spyware terminator and Spybot Search and Destroys and these keep popping up

Worm.Koobface-20
SPR/Tool.HIde.A
Virus.Sality.Y
Trojan.Inject.qyz

System Security 2009 is now for some strange reason on my desktop. I never installed in. It keeps trying to run on my system and tell me to buy it and everything....

In case the file I attached is messed here is the hijick this report

Please help! This is a crazy issue I have never seen before.

A:Major TROJAN and MALLWARE ISSUE!! (Trojan.Inject.qyz, Worm.Koobface, Virus.Sality.Y)

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HEREKind regardsNet_Surfer

http://www.bleepingcomputer.com/forums/t/229337/major-trojan-and-mallware-issue-trojaninjectqyz-wormkoobface-virussalityy/
Relevancy 38.27%

I've been getting messages from my virus software quot symantec version quot constantly stating that it is finding and quarantining Trojan FakeAV and Trojan Vundo viruses when running windows in normal mode Sometimes the messages come in at more than a second and eventually clean and quarantine fail with a message access denied Along with this are constant messages stating my computer is infected and to purchase the fake antivirus software I have disabled system restore and Trojan.Vundo, Antiviruspro Trojan.FakeAV, 2010, virus pro, police advanced windows removal run virus Trojan.FakeAV, Trojan.Vundo, Antiviruspro 2010, windows police pro, advanced virus removal scans in safemode which usually catches a file or two Trojan.FakeAV, Trojan.Vundo, Antiviruspro 2010, windows police pro, advanced virus removal I have also run trendmicro scans which catches files or so As soon as i boot up in normal windows they come back very quickly It also appears that the viruses disable any ability to open a command line task manager regedit msconfig properties of my computer launch the system icon from control pannel or launch the firewall window from control pannel when running in normal mode In safe mode i can get the task manager back with a registry edit but thats about it I've tried installing malwarebytes through safemode but it will only work for seconds after initial installation and then the window disapears and can't be reopened I'm here because i have nowhere else to turn short of hitting the computer with the big hammer and just reloading windows something i'd like to avoid of course DDS log DDS Ver - - - NTFSx NETWORK Run by Katie at on Wed Internet Explorer Microsoft Windows XP Professional GMT - Running Processes C WINDOWS system svchost -k DcomLaunch svchost exe C WINDOWS system svchost exe -k netsvcs svchost exe svchost exe C Program Files Lavasoft Ad-Aware AAWTray exe C WINDOWS Explorer EXE C WINDOWS system ctfmon exe C Program Files Internet Explorer iexplore exe C Program Files Internet Explorer iexplore exe C Program Files Trend Micro HijackThis HijackThis exe C Program Files Internet Explorer iexplore exe C Documents and Settings Katie Desktop dds scr Pseudo HJT Report uStart Page hxxp www yahoo com uSearch Page hxxp search live com uSearch Bar hxxp search live com sphome aspx uDefault Page URL hxxp www google com ig dell hl en amp client dell-inc amp channel us uSearchMigratedDefaultURL hxxp www google com search q searchTerms amp sourceid ie amp rls com microsoft en-US amp ie utf amp oe utf uDefault Search URL hxxp www google com ie mSearch Bar hxxp us rd yahoo com customize ie defaults sb msgr http www yahoo com ext search search html uInternet Settings ProxyOverride local uSearchAssistant hxxp www google com ie uSearchURL Default hxxp www google com search q s mSearchAssistant hxxp search live com sphome aspx BHO C - - BE-A C - A BD D BC - No File BHO D -C F - efb- B - ECA - No File BHO Adobe PDF Reader Link Helper e f-c d - d -b d- b d be b - c program files adobe acrobat activex AcroIEHelper dll BHO McAfee Anti-Phishing Filter d ed - cff- - a - ebb af - c progra mcafee spamki mcapfbho dll BHO DriveLetterAccess ca d e- - cf- e - - c windows system dla tfswshx dll BHO SSVHelper Class bb-d f - c-b eb-d daf d d - c program files java jre bin ssv dll BHO ICQSys IE PlugIn dc b - - ba - be -d eb fa - c windows system plugie dll BHO QWProtectBHO Class d dff- f- d -a -a de - c documents and settings all users application data av QWProtect dll BHO CC A- F- AF-A -F D E B - No File BHO A B - D E- -A - C DE A - No File BHO Google Toolbar Helper aa ed - dd- d - -cf f - c program files google googletoolbar dll BHO Google Toolbar Notifier BHO af de - d - -b fa-ce b ad d - c program files google googletoolbarnotifier swg dll BHO Browser Helper Object afd ad - c - db-a -fbe a c - c program files shared lib dll BHO AvayaIEHlprObj Class e df b - d f- a-a a - d a a a - c program files avaya avaya ip softphone AvayaWebDial dll TB BF - F -... Read more

A:Trojan.FakeAV, Trojan.Vundo, Antiviruspro 2010, windows police pro, advanced virus removal

Thanks for all that reviewed my logs. I was able to solve the problem by starting the computer in safemode and installing malwarebytes. The problem was the virus was deleting the malwarebytes program before i could run it. I was able to install and quickly copy the executable file to the desktop before it was deleted. The virus deleted the file out of the program files folder. I added it back in from the desktop and it worked!!! Great program, cleaned everything up!!!

http://www.bleepingcomputer.com/forums/t/264536/trojanfakeav-trojanvundo-antiviruspro-2010-windows-police-pro-advanced-virus-removal/
Relevancy 38.27%

Hey there - i ve recently been infected with the Trojan virus My symantec antivirus Auto-Protect detects Trojan.Gen/Trojan.Gen.2/Trogan.Zeroaccess.B Symantec of Infections counts numerous Antivirus Virus Results window shows Symantec Antivirus detects numerous counts of Trojan.Gen/Trojan.Gen.2/Trogan.Zeroaccess.B Virus Infections up every few minutes with new threats infections that include Trojan Gen Trojan Gen Trojan Zeroaccess B DDS Ver - - - NTFSx Internet Explorer BrowserJavaVersion Run by G at on - - Microsoft Symantec Antivirus detects numerous counts of Trojan.Gen/Trojan.Gen.2/Trogan.Zeroaccess.B Virus Infections Windows Symantec Antivirus detects numerous counts of Trojan.Gen/Trojan.Gen.2/Trogan.Zeroaccess.B Virus Infections XP Professional GMT - AV Symantec AntiVirus Corporate Edition Enabled Updated FB E- B - A- F -E D C Running Processes C WINDOWS system svchost -k DcomLaunch C WINDOWS system svchost -k rpcss C WINDOWS System svchost exe -k netsvcs C WINDOWS System svchost exe -k NetworkService C WINDOWS System svchost exe -k LocalService C WINDOWS system spoolsv exe c program files common files logishrd lvmvfm LVPrcSrv exe C Program Files Common Files Apple Mobile Device Support AppleMobileDeviceService exe C Program Files Bonjour mDNSResponder exe C Program Files Common Files Symantec Shared ccSetMgr exe C WINDOWS System CTSvcCDA EXE C Program Files Symantec AntiVirus DefWatch exe C Program Files Diskeeper Corporation Diskeeper DkService exe C Program Files Stardock Object Desktop WindowBlinds wbload exe C WINDOWS System emitray exe C Program Files Seagate SeagateManager Sync FreeAgentService exe C WINDOWS Explorer EXE C Program Files Java jre bin jqs exe C WINDOWS System nvsvc exe C WINDOWS System svchost exe -k imgsvc C Program Files Symantec AntiVirus Rtvscan exe C Program Files Web Assistant ExtensionUpdaterService exe C Program Files Common Files Symantec Shared ccEvtMgr exe C Documents and Settings G Application Data xsecva xsecva exe C Program Files Creative SBAudigy ZS Surround Mixer CTSysVol exe C WINDOWS Logi MwX Exe C Program Files Microangelo muamgr exe C Program Files Common Files Symantec Shared ccApp exe C PROGRA SYMANT VPTray exe C Program Files Seagate SeagateManager FreeAgent Status StxMenuMgr exe C program files real realplayer update realsched exe C Program Files DivX DivX Update DivXUpdate exe C Program Files SyncroSoft Pos H O cledx exe C Program Files iTunes iTunesHelper exe C Documents and Settings G Application Data xsecva xsecva exe C WINDOWS system rundll exe C Program Files Creative MediaSource RemoteControl RcMan exe C WINDOWS System alg exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C WINDOWS system wscntfy exe C WINDOWS system ctfmon exe C Program Files Internet Explorer iexplore exe C Program Files iPod bin iPodService exe C Program Files Logitech Desktop Messenger Program LogitechDesktopMessenger exe C Program Files Logitech SetPoint SetPoint exe C Program Files Common Files Logitech khalshared KHALMNPR EXE C Program Files Google Chrome Application chrome exe C Program Files Google Chrome Application chrome exe C Program Files Google Chrome Application chrome exe C Program Files Google Chrome Application chrome exe C Program Files Google Chrome Application chrome exe C Program Files Google Chrome Application chrome exe C Program Files Google Chrome Application chrome exe C Program Files Google Chrome Application chrome exe C Program Files Google Chrome Application chrome exe C WINDOWS system wbem wmiprvse exe Pseudo HJT Report uStart Page hxxp mystart incredibar com mb a R AB FEZ amp i uSearch Page hxxp www google com uSearch Bar hxxp www google com ie uSearchMigratedDefaultURL hxxp www google com search q searchTerms amp sourceid ie amp rls com microsoft en-US amp ie utf amp oe utf mDefault Search URL hxxp www google com ie uInternet Settings ProxyOverride local uSearchAssistant hxxp www google com ie uSearchURL Default hxxp www google com search q s m... Read more

A:Symantec Antivirus detects numerous counts of Trojan.Gen/Trojan.Gen.2/Trogan.Zeroaccess.B Virus Infections

Greetings and Welcome to The Forums!!My name is Gringo and I'll be glad to help you with your computer problems.I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of usPlease do not run any tools unless instructed to do so.
We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.
Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.
Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.
A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster. NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of hartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer. NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.Security CheckDownload Security Check by screen317 from here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.A Notepad document should open automatically called checkup.txt; please post the contents of that document.Run Combofix:You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<Combofix may need to reboot your computer more than once to do its job this is normal.You can download Combofix from one of these links.Link 1Link 2Link 31. Close any open browsers or any other programs that are open.2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.Double click on combofix.exe & follow the prompts.When finished, it will produce a report for you. Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stallNote 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer"information and logs"In your next post I need the following
Log from Combofixlet me know of any problems you may have had
How is the computer doing now?Gringo

http://www.bleepingcomputer.com/forums/t/466367/symantec-antivirus-detects-numerous-counts-of-trojangentrojangen2troganzeroaccessb-virus-infections/
Relevancy 38.27%

Hi My computer has really slowed down ever since I got these viruses It also crashes randomly and gives me a blue screen I tried to do a system restore but failed Bitdefender keeps on telling me that its blocking a virus called quot Trojan Generic quot and also another one called quot Trojan Horse quot but the box keeps on popping out every seconds or Generic/Horse Virus them. not Anti Trojan. Trojan fixing so I have scanned my computer with HijackThis and will post the resulst below I will appreciate any suggestions anyone out there has since I ve tried on myself for a week to remove it with programs like Malwarebytes Spyware Doctor actually bought it days ago but it did nothing Bit Defender AVG and have failed to remove it Thank you for your time Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows SP WinNT Trojan Generic/Horse Trojan. Anti Virus not fixing them. MSIE Internet Explorer v Boot mode Normal Running processes C Users Gabriel DLT Local Settings Apps F lux flux exe C Program Files Trojan Generic/Horse Trojan. Anti Virus not fixing them. x McAfee Security Scan SSScheduler exe C Program Files x CyberLink PowerDVD DX PDVDDXSrv exe C Program Files x Dell DataSafe Online DataSafeOnline exe C Program Files x Roxio Roxio Burn RoxioBurnLauncher exe C Program Files x Dell Webcam Dell Webcam Central WebcamDell exe C Program Files x iTunes iTunesHelper exe C Program Files x AVG AVG avgtray exe C Program Files x AVG Secure Search vprot exe C Program Files x PC Tools Security pctsGui exe C Program Files x PC Tools Security BDT FGuard exe C Program Files x Internet Explorer IELowutil exe C Program Files x Mozilla Firefox firefox exe C Program Files x Mozilla Firefox plugin-container exe C Program Files x Mozilla Firefox plugin-container exe C Users Gabriel DLT Downloads HijackThis exe C Windows SysWOW DllHost exe R - HKCU Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Main Start Page about blank R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page about blank R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKLM Software Microsoft Internet Explorer Main Local Page C Windows SysWOW blank htm R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName R - URLSearchHook McAfee SiteAdvisor Toolbar - EBBBE -BAD - B C- E A- ABECAE - c PROGRA mcafee SITEAD mcieplg dll R - URLSearchHook no name - bf fa-e b - db -af e- d a bfc - no file R - URLSearchHook no name - ba e- - -b f - e d cc - no file R - URLSearchHook PC Tools Browser Guard - EA- A- b-ADF - D E CC - C Program Files x PC Tools Security BDT PCTBrowserDefender dll O - BHO no name - D -C F - efb- B - ECA - no file O - BHO AcroIEHelperStub - DF C-E AD- -A -FA C EBDC - c Program Files x Common Files Adobe Acrobat ActiveX AcroIEHelperShim dll O - BHO McAfee Phishing Filter - B A- - A -B -BE AFE AB - c progra mcafee msk mskapbho dll O - BHO Browser Defender BHO - A F D B- - FF -B - CCE E - C Program Files x PC Tools Security BDT PCTBrowserDefender dll O - BHO WormRadar com IESiteBlocker NavFilter - CA F - F E- B -A E- E E C C - C Program Files x AVG AVG avgssie dll O - BHO Groove GFS Browser Helper - - C - D -B F - BBC D A E - C Program Files x Microsoft Office Office GrooveShellExtensions dll O - BHO scriptproxy - DB D A - - E -B D- F C - C Program Files x Common Files McAfee SystemCore ScriptSn dll O - BHO Windows Live ID Sign-in Helper - D - C - ABF- ECC- C - C Program Files x Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO AVG Security Toolbar - B C- C F- BF -B - A - C Program Files x AVG Secure Search AVG Secure Search toolbar dll O - BHO Windows Live Messenger Companion Helper - FDDE B- F- -AB F- CBEFF - C Program Files x Windows Live Comp... Read more

https://forums.techguy.org/threads/trojan-generic-horse-trojan-anti-virus-not-fixing-them.1020542/
Relevancy 38.27%

OK HERES MY PROBLEM I HAVE A TROJAN VIRUS ON MY COMPUTER I HAVE NO IDEA OF HOW I GOT THERE. ITS BEEN DETECTED ON MY COMPUTER AND I HAVE BEEN TRYN ALL WEEKEND TO REMOVE IT FROM MY COMPUTER. I REALLY DONT CARE IF I HAVE 2 REMOVE IT MANUALLY OR BY SOFTWARE I REALLY WOULD LIKE 2 REPAIR IT MANUALLY RITE CAUSE I DONT HAVE NE MONEY 2 BUY SOFTWARE 2 FIX IT RITE NOW!!!!! SO IF ANY ONE CAN HELP ME CONTACT ME BY EMAIL AT [email protected]

THANKS 4 THE TIME
 

A:How Do I Remove A Trojan Virus Named Win32 Trojan-gen Off My Computer!!!

https://forums.techguy.org/threads/how-do-i-remove-a-trojan-virus-named-win32-trojan-gen-off-my-computer.215495/
Relevancy 38.27%

I got rid of this virus through spyware doctor and was able to remove 4% of space, but defrag needs 15% to work properly. How to I go in and find where they put all this stuff to use up my C-drive and remove it? I have my defrag logs but they don't tell me where the problems are located. I'm happy to post a new log if someone tells me what they need. Any ideas? I have posted latest defrag log.
Thanks

A:Help with Trojan Downloader.agent.BDBU/Virus gone how to reclaim trojan used ram

Hello and welcome to TSF.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

http://www.techsupportforum.com/forums/f50/help-with-trojan-downloader-agent-bdbu-virus-gone-how-to-reclaim-trojan-used-ram-460475.html
Relevancy 38.27%

picked up these bad boys when i was stupid and launched an exe that i help. horse/downloader trojan.vundo/trojan Solved: virus wasn t too sure of in the first place anyway nothing i have is getting rid of them the following is my HJT log Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C Program Files Microsoft Windows OneCare Live Antivirus MsMpEng exe C WINDOWS System svchost exe C Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Common Files Symantec Shared ccEvtMgr exe C WINDOWS system spoolsv exe C Program Files Alias Maya docs Wrapper exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Solved: trojan.vundo/trojan horse/downloader virus help. Program Files Solved: trojan.vundo/trojan horse/downloader virus help. Common Files Autodesk Shared Service AdskScSrv exe C WINDOWS system CTsvcCDA exe C Program Files Symantec AntiVirus DefWatch exe C Program Files Alias Maya docs jre bin java exe C Program Files Autodesk dsMax mentalray satellite raysat dsmax server exe C WINDOWS system nvsvc exe C WINDOWS system svchost exe C Program Files Symantec AntiVirus Rtvscan Solved: trojan.vundo/trojan horse/downloader virus help. exe C Program Files Microsoft Windows OneCare Live Firewall msfwsvc exe C Program Files Microsoft Windows OneCare Live winss exe C WINDOWS Explorer EXE C Program Files Microsoft Windows OneCare Live winssnotify exe C WINDOWS SOUNDMAN EXE C Program Files Common Files Symantec Shared ccApp exe C PROGRA SYMANT VPTray exe C Program Files CyberLink PowerDVD PDVDServ exe C Program Files Logitech Video LogiTray exe C Program Files Common Files Real Update OB realsched exe C Program Files Java jre bin jusched exe C Program Files HP HP Software Update HPWuSchd exe C WINDOWS system wuauclt exe C WINDOWS CTHELPER EXE C WINDOWS system CTXFIHLP EXE C WINDOWS SYSTEM CTXFISPI EXE C WINDOWS system rundll exe C WINDOWS system regsvr exe C Program Files iTunes iTunesHelper exe C Program Files Messenger msmsgs exe C Program Files Logitech Desktop Messenger Program LogitechDesktopMessenger exe C WINDOWS system LVComS exe C Program Files Common Files Ahead lib NMBgMonitor exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C Program Files Creative MediaSource Detector CTDetect exe C Program Files Pando Networks Pando Pando exe C Program Files HP Digital Imaging bin hpqtra exe C Program Files Logitech SetPoint SetPoint exe C Program Files Common Files Logitech KHAL KHALMNPR EXE C Program Files HP Digital Imaging bin hpqSTE exe C Program Files iPod bin iPodService exe C WINDOWS system NOTEPAD EXE C Documents and Settings Steve Desktop KillBox exe C Documents and Settings Steve Desktop HijackThis exe R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride localhost O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS system NvCpl dll NvStartup O - HKLM Run nwiz nwiz exe install O - HKLM Run NvMediaCenter RUNDLL EXE C WINDOWS system NvMcTray dll NvTaskbarInit O - HKLM Run Logitech Hardware Abstraction Layer KHALMNPR EXE O - HKLM Run NVIDIA nTune quot C Program Files NVIDIA Corporation nTune nTune exe quot clear O - HKLM Run SoundMan SOUNDMAN EXE O - HKLM Run ccApp quot C Program Files Common Files Symantec Shared ccApp exe quot O - HKLM Run vptray C PROGRA SYMANT VPTray exe O - HKLM Run NVRTCLK C WINDOWS system NVRTCLK NVRTClk exe O - HKLM Run RemoteControl quot C Program Files CyberLink PowerDVD PDVDServ exe quot O - HKLM Run LogitechVideoRepair C Program Files Logitech Video ISStart exe O - HKLM Run LogitechVideoTray C Program Files Logitech Video LogiTray exe O - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB... Read more

Relevancy 38.27%

windows keep popping up all my security Trojan.Win32/Trojan-Downloader/not-a-virus.AdWare Infected with programs can not run i cannot install windows defender and the computer is much slower and constant stating that spyware has been detected Below I have pasted the log and info text file generated from the RSIT program Thank you or all your help Logfile of random's system information tool written by random random Run by Narda at - - Microsoft Windows XP Home Edition Service Pack System drive C has GB free of GBTotal RAM MB free Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC WINDOWS system ZoneLabs vsmon exeC WINDOWS Explorer EXEC WINDOWS system spoolsv exeC WINDOWS System Ati evxx exeC WINDOWS System svchost exeC Program Files Sony VAIO Media Music Server SSSvr exeC Program Files Sony Photo Server appsrv PhotoAppSrv exeC Program Files Viewpoint Common ViewpointService exeC Program Files Common Files Sony Shared VAIO Media Platform SV Httpd exeC Program Files Common Files Sony Shared VAIO Media Platform sv httpd exeC Program Files Common Files Sony Shared VAIO Media Platform UPnPFramework exeC Program Files Common Files Sony Shared VAIO Media Platform UPnPFramework exeC Program Infected with Trojan.Win32/Trojan-Downloader/not-a-virus.AdWare Files Apoint Apoint exeC Program Files ATI Technologies ATI Infected with Trojan.Win32/Trojan-Downloader/not-a-virus.AdWare Control Panel atiptaxx exeC Program Files Sony HotKey Utility HKserv exeC WINDOWS Sonysys VAIO Recovery reminder exeC Program Files Java jre bin jusched exeC Program Files Zone Labs ZoneAlarm zlclient exeC WINDOWS system Rundll exeC Program Files icrosoft NET hkntfs exeC DOCUME Narda APPLIC FNTS wucrtupd exeC Program Files Apoint Apntex exeC WINDOWS system ctfmon exeC WINDOWS System svchost exeC Program Files PowerPanel Program PcfMgr exeC Program Files Sony HotKey Utility HKWnd exeC Program Files Java jre bin jucheck exeC Program Files Mozilla Firefox firefox exeC Program Files Microsoft Office Office WINWORD EXEC Program Files Adobe Reader Reader AcroRd exeC Program Files Common Files Adobe Updater AdobeUpdater exeC Program Files Internet Explorer IEXPLORE EXEC Program Files Internet Explorer IEXPLORE EXEC WINDOWS system rundll exeC Documents and Settings Narda Desktop RSIT exeC Program Files trend micro Narda exeR - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Connection Wizard ShellNext http www sony com vaiopeopleO - BHO no name - C D - B - B - ABE-BDD E DDE - C WINDOWS System efeca dllO - BHO no name - ef f - - a-b -a e a - C WINDOWS System duweweba dllO - BHO e d- f a-b ba- a - a e dfe - efd e - a - a -ab b-a f d e - C WINDOWS system jnwvqo dllO - Toolbar Easy-WebPrint - C -E D- c -AA D- AC BABA C - C Program Files Canon Easy-WebPrint Toolband dllO - HKLM Run Apoint C Program Files Apoint Apoint exeO - HKLM Run ATIModeChange Ati mdxx exeO - HKLM Run ATIPTA C Program Files ATI Technologies ATI Control Panel atiptaxx exeO - HKLM Run Mouse Suite Daemon ICO EXEO - HKLM Run ZTgServerSwitch c program files support com client lserver server vbsO - HKLM Run HKSERV EXE C Program Files Sony HotKey Utility HKserv exeO - HKLM Run CreateCD Reminder C WINDOWS Sonysys VAIO Recovery reminder exeO - HKLM Run VAIO Recovery C Windows Sonysys VAIO Recovery PartSeal exeO - HKLM Run SunJavaUpdateSched quot C Program Files Java jre bin jusched exe quot O - HKLM Run Adobe Reader Speed Launcher quot C Program Files Adobe Reader Reader Reader sl exe quot O - HKLM Run kajezuhiwo Rundll exe quot C WINDOWS System mejiyolo dll quot sO - HKLM Run ZoneAlarm Client quot C Program Files Zone Labs ZoneAlarm zlclient exe quot O - HKLM Run BM b f Ru... Read more

A:Infected with Trojan.Win32/Trojan-Downloader/not-a-virus.AdWare

Hello! My name is Sam and I will be helping you. I will do my best to communicate clearly to you so that we can resolve your issues as quickly as possible. In order to see what's going on with your computer I will ask for you to post various logs from the tools that we will use to fix your computer. Please communicate freely with me about how your computer is reacting and behaving as we work through this process.Please download SDFix and save it to your Desktop.Double click SDFix.exe and it will extract the files to %systemdrive%(Drive that contains the Windows Directory, typically C:\SDFix)Please then reboot your computer in Safe Mode by doing the following :Restart your computerAfter hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;Instead of Windows loading as normal, the Advanced Options Menu should appear;Select the first option, to run Windows in Safe Mode, then press Enter.Choose your usual account. Open the extracted SDFix folder and double click RunThis.bat to start the script. Type Y to begin the cleanup process. It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot. Press any Key and it will restart the PC. When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons. Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
(Report.txt will also be copied to Clipboard ready for posting back on the forum). Finally paste the contents of the Report.txt back here in your next reply.

http://www.bleepingcomputer.com/forums/t/182876/infected-with-trojanwin32trojan-downloadernot-a-virusadware/
Relevancy 38.27%

Okay for the past few days I ve been having issues with these viruses I have seen posts here before asking about how to get rid of the same things but since I have those I don t know if there is a better way to do this I keep getting random pop ups I tried downloading VundoFix but it keeps coming back of course I ran Spybot Search amp destroy and the same thing happens The Anti-Virus I m using is Norton AntiVirus Corporate Edition Full version if thats even necessary It is up to date and the description it gives me for each one is Scan type Realtime Protection Scan Event Virus Found Virus name Downloader File C Documents and Settings starrs crap Local Settings Temporary Internet Files Content IE RJ CT valera Location C Documents and Settings starrs crap Local Settings Temporary Internet Files Content IE RJ CT Computer STARRSCOMPUTER User starrs crap Action taken Clean failed Quarantine failed Access denied Date found Wed Sep Scan type Realtime Protection Scan Event Virus Found Virus name Trojan Vundo File C Documents and Settings starrs crap Local Settings Temporary Internet Files Content IE CHER DUR lkjh Location Quarantine Computer STARRSCOMPUTER User Virus issues, Trojan.Vundo, Trojan Downloader, Horse starrs crap Action taken Clean failed Quarantine succeeded Access denied Date found Wed Sep Scan type Realtime Protection Scan Event Virus Found Virus name Trojan Horse File C Documents and Settings starrs crap Local Settings Temporary Internet Files Content IE OTMJGPEZ jaun Location C Documents and Settings starrs crap Local Settings Virus issues, Downloader, Trojan.Vundo, Trojan Horse Temporary Internet Files Content IE OTMJGPEZ Computer STARRSCOMPUTER User starrs crap Action taken Clean failed Quarantine failed Access denied Date found Wed Sep Scan type Realtime Protection Scan Event Virus Found Virus name Downloader File C Documents and Settings starrs crap Local Settings Temporary Internet Files Content IE WLMJK MF valera Location C Documents and Settings starrs crap Local Settings Temporary Internet Files Content IE WLMJK MF Computer STARRSCOMPUTER User starrs crap Action taken Clean failed Quarantine failed Access denied Date found Wed Sep Scan type Realtime Protection Scan Event Virus Found Virus name Trojan Vundo File C Documents and Settings starrs crap Local Settings Temporary Internet Files Content IE YJG J TO lkjh Location Quarantine Computer STARRSCOMPUTER User starrs crap Action taken Clean failed Quarantine succeeded Access denied Date found Thu Sep I really don t know what to do help would Virus issues, Downloader, Trojan.Vundo, Trojan Horse be greatly appreciated nbsp

A:Virus issues, Downloader, Trojan.Vundo, Trojan Horse

oh god..okay i should probably mention that right now, my antivirus notification is at 89 notifications and counting the same message over

"Scan type: Realtime Protection Scan
Event: Virus Found!
Virus name: Trojan.Vundo
File: C:\WINDOWS\system32\byxxutr.dll
Location: C:\WINDOWS\system32
Computer: STARRSCOMPUTER
User: SYSTEM
Action taken: Clean failed : Quarantine failed : Access denied
Date found: Thu Sep 20 00:15:34 2007"

by the time im done with this message its up to 99 notifications total and still counting.
103 now

im trying to delete it but it says the file is busy and im trying to disable anti virus but i cant figure out how
 

https://forums.techguy.org/threads/virus-issues-downloader-trojan-vundo-trojan-horse.626426/
Relevancy 37.84%

Hi guys and gals I d like some help and I am unexperienced in the world of viruses etc so excuse my lack of knowledge on the subject Recently I ve found files that I have no idea what their purpose is I think I may have downloaded them with another program maybe and I heard they trojan? regscan32? Virus, trojan} [Resolved] {optix were viruses First one is regscan exe which is [Resolved] regscan32? Virus, trojan? {optix trojan} in my windows olefiles folder I also found it in my msconfig I deleted the file but it came back next one is winboot exe which is in windows system and this program everytime I start my pc asks zonealarm to access the internet I m not sure if i should delete this file I dont know its purpose And last is ptsnoop exe which I have heard can also be related to certain modems but I found it in msconfig it looked like this load ptsnoop exe Not sure if this is good or bad Would appreciate some advice thanks in advance nbsp

Relevancy 37.84%

Hi you helped me disinfect one of my computers now I have an even bigger chore with another computer It is so infected right now I have found the Trojan Crypt B and Trojan IRC backdoor sdbot myx viruses on my computer I tried to follow the instructins for what you suppose to do before you post a Trojan problems Trojan Crypt.b backdoor and virus HJT log Unfortunately my comp won't show my the add remove programs I did my Trojan Crypt.b and Trojan backdoor virus problems updates for what it would let me download and and ran all the virus and spyware scans Hopefully you can help me with this problem Her is my HJT Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss Trojan Crypt.b and Trojan backdoor virus problems exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C PROGRA Grisoft AVGFRE avgamsvr exe C PROGRA Grisoft AVGFRE avgupsvc exe C WINDOWS System svchost exe C Program Files Java jre bin jusched exe C Program Files MsMovies MsMovies exe C PROGRA Grisoft AVGFRE avgcc exe C Program Files Messenger msmsgs exe C DOCUME HEYWOO LOCALS Temp Temporary Directory for hijackthis zip HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Window Title Microsoft Internet Explorer provided by Comcast R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName R - URLSearchHook no name - A - E E- -B D- DBE - no file O - BHO no name - - F - D - - D F - C Program Files Spybot - Search amp Destroy SDHelper dll O - HKLM Run SunJavaUpdateSched C Program Files Java jre bin jusched exe O - HKLM Run NeroCheck C WINDOWS system NeroCheck exe O - HKLM Run MsMovies C Program Files MsMovies MsMovies exe auto O - HKLM Run AVG CC C PROGRA Grisoft AVGFRE avgcc exe STARTUP O - HKCU Run MSMSGS quot C Program Files Messenger msmsgs exe quot background O - HKCU Run Tsa C PROGRA COMMON tsa tsm exe O - Startup Share On Startup lnk C Program Files Share Gui Share exe O - Global Startup Microsoft Office lnk C Program Files Microsoft Office Office OSA EXE O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCEL EXE O - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java jre bin npjpi dll O - Extra 'Tools' menuitem Sun Java Console - B E C - FCB- CF-AAA - C - C Program Files Java jre bin npjpi dll O - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - Extra 'Tools' menuitem Windows Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - Extra button Help - A-E C - E -A C-F DD F D - http www comcast net memberservices file missing HKCU O - Extra button Support - CE C -B D - C -B -ADDA FB - http www comcastsupport com file missing HKCU O - Extra button ComcastHSI - E AA B - B - E -A B -E B BBCE - http www comcast net file missing HKCU O - Service AVG Alert Manager Server Avg Alrt - GRISOFT s r o - C PROGRA Grisoft AVGFRE avgamsvr exe O - Service AVG Update Service Avg UpdSvc - GRISOFT s r o - C PROGRA Grisoft AVGFRE avgupsvc exe Thank you for all your help Austin

A:Trojan Crypt.b and Trojan backdoor virus problems

Before you do anything else, please create a folder for HijackThis and put it in a permanent folder (like C:\HJT) instead of the Temp folder. This is required because HijackThis will create backups and we don't want them to be deleted.


Download and unzip BFUzip from http://www.merijn.org/files/bfu.zip
Run the program and click the Web button as shown here:


Use this URL to copy into the address bar of the Download script window:
http://metallica.geekstogo.com/p2pnetwork.bfu

Execute the script by clicking the Execute button.

If you have any questions about the use of BFU please read here:
http://metallica.geekstogo.com/BFUinstructions.html


Perform an online scan with Internet Explorer with Panda ActiveScan
** click on "Free use ActiveScan" located on the top right hand corner Click Scan your PC & a 'pop up' window shall appear. *ensure that your pop up blocker doesn't block it
Click Scan Now
Enter your e-mail address & click Scan Now ...begins downloading 8 MB Panda's ActiveX controls
Begin the scan by selecting My Computer If it finds any malware, it will offer you a report.
Click on see report. Then click Save report
Post the contents of the report in your next reply

*You needn't remain online while it's doing the scan but you have to re-connect after it has finished to see the report.
*Turn off the real time scanner of any existing antivirus program while performing the online scan

Restart and run a new scan with HJT. Save the log, and post it here.

http://www.techsupportforum.com/forums/f284/trojan-crypt-b-and-trojan-backdoor-virus-problems-78313.html
Relevancy 37.84%

I believe I got this virus Trojan-Downloader Java OpenConnection ap from using msn A message msn virus - trojan Trojan-Downloader.Java.OpenConnection.ap popped up from a friend and said quot http www tugladuvar info list quot I clicked on the link and it was a site that said the contacts that blocked you Couple of days ago a friend told me that I started sending links such as quot http www invitecodeetprojet info list quot quot http www altigensel info list quot amp quot http www tugladuvar info list quot When I did the scan I was unable to delete it or anything for that matter PLEASE HELP THANKS IN ADVANCE I m using a Windows XP I m using a Shaw Secure Extended as my primary scanning for viruses malware and such Scanning Report January - Computer name G-KPMX XSV I G Scanning type Perform full computer check Target C system rootkits -------------------------------------------------------------------------------- Result malware found Trojan-Downloader Java OpenConnection ap virus C Documents and Settings George Application Data Sun Java Deployment cache javapi v jar nRT jar- e f - d cf zip msn trojan virus - Trojan-Downloader.Java.OpenConnection.ap HiPointInstallShieldRT class -------------------------------------------------------------------------------- Statistics Scanned Files Not scanned Result Viruses Spyware Suspicious items Riskware Actions Disinfected Renamed Deleted Quarantined Failed Boot Sectors Scanned Infected Suspicious items Disinfected Files not scanned Cannot open file click here for more info C PAGEFILE SYS Cannot open file click here for more info C WINDOWS SYSTEM CONFIG DEFAULT Cannot open file click here for more info C WINDOWS NTUNINSTALLKB BROWSER DLL Cannot open file click here for more info C WINDOWS NTUNINSTALLKB RTCDLL DLL Cannot open file click here for more info C WINDOWS NTUNINSTALLKB SXS DLL Cannot open file click here for more info C WINDOWS NTUNINSTALLKB CATSRV DLL Scanning of C Program Files Microsoft Visual Studio Common IDE IDE MSE HTMLREF CHM was aborted F-Secure AVP Scanning of C Program Files Microsoft Office Office ACMAIN CHM was aborted F-Secure AVP Scanning of C Program Files Microsoft Office Office WDMAIN CHM was aborted F-Secure AVP Cannot open a file in archive C PROGRAM FILES MAXIS THE SIMS USERDATA PHOTOALBUM Cannot open a file in archive C PROGRAM FILES MAXIS THE SIMS USERDATA EXPORT Cannot open a file in archive C PROGRAM FILES MAXIS THE SIMS USERDATA CHARACTERS Cannot open a file in archive C PROGRAM FILES MAXIS THE SIMS USERDATA PHOTOALBUM Cannot open a file in archive C PROGRAM FILES MAXIS THE SIMS USERDATA EXPORT Cannot open a file in archive C PROGRAM FILES MAXIS THE SIMS USERDATA CHARACTERS Cannot open a file in archive C PROGRAM FILES MAXIS THE SIMS USERDATA PHOTOALBUM Cannot open a file in archive C PROGRAM FILES MAXIS THE SIMS USERDATA EXPORT Cannot open a file in archive C PROGRAM FILES MAXIS THE SIMS USERDATA CHARACTERS Cannot open a file in archive C PROGRAM FILES MAXIS THE SIMS USERDATA PHOTOALBUM Cannot open a file in archive C PROGRAM FILES MAXIS THE SIMS USERDATA IMPORT Cannot open a file in archive C PROGRAM FILES MAXIS THE SIMS USERDATA EXPORT Cannot open a file in archive C PROGRAM FILES MAXIS THE SIMS GAMEDATA WALLS Cannot open a file in archive C PROGRAM FILES MAXIS THE SIMS GAMEDATA USEROBJECTS Cannot open a file in archive C PROGRAM FILES MAXIS THE SIMS GAMEDATA FLOORS Cannot open file click here for more info C DOCUMENTS AND SETTINGS VERONICA APPLICATION DATA ISPNEWS ISPN INI Cannot open file click here for more info C DOCUMENTS AND SETTINGS SUAT WEI LOCAL SETTINGS TEMP HSPERFDATA SUAT WEI Scanning of C Documents and Settings michelle My Documents iTunesSetup exe was aborted F-Secure AVP Cannot open a file in archive C DOCUMENTS AND SETTINGS GEORGE LOCAL SETTINGS APPLICATION DATA GOOGLE GOOGLE DESKTOP B EE E DBDAM Cannot open a file in archive C DOCUMENTS AND SETTINGS GEORGE LOCAL SETTINGS APPLICATION DATA GOOGLE GOOGLE DESKTOP B EE E DBEAM File C Documen... Read more

https://forums.techguy.org/threads/msn-trojan-virus-trojan-downloader-java-openconnection-ap.677913/
Relevancy 37.84%

Help me I just clicked on a link provided by a fellow forum member and instantly I became Infected badly with multiple viruses and spyware. some of them are Backdoor trojans a trojan horse and a couple others. i cannot get ipu to close off of my close programs menu. Hurry please help me. This happened while testing the mcafee problem that I may of had causing excessive freezing of windows and ie. what should i do. is there any virus killers that can be downloaded to get rid of this nuisance . the popups are at an extreme level.
 

A:helppppp I got a virus trojan horse backdoor trojan. and others!!!!!!!!

go to http://www.spywareinfo.com/~merijn/files/hijackthis.zip , and download 'Hijack This!'.
Unzip, doubleclick HijackThis.exe, and hit "Scan".

When the scan is finished, the "Scan" button will change into a "Save Log" button.
Press that, save the log somewhere, and please copy & paste its contents to the forum.

It will possibly show issues deserving our attention, but most of what it lists will be harmless or even required,
so do NOT fix anything yet.
Someone here will be happy to help you analyze the results.
 

https://forums.techguy.org/threads/helppppp-i-got-a-virus-trojan-horse-backdoor-trojan-and-others.181013/
Relevancy 37.84%

anti virus pro trojan downloader x trojan and more Web pages were being redirected i ran mcafee scan it deleted instances of anti virus pro trojan ran again and found afew more plus downloader x the web pages are no longer redirected but there virus more and trojan trojan anti pro 2009 downloader.x are sooo many processes running that i dont think it anti virus pro 2009 trojan downloader.x trojan and more is clean i anti virus pro 2009 trojan downloader.x trojan and more also ran eusing registry cleaner here is my hijackthis log Logfile of Trend anti virus pro 2009 trojan downloader.x trojan and more Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system Ati evxx exe C WINDOWS Explorer EXE C WINDOWS system spoolsv exe C WINDOWS system brss a exe C WINDOWS arservice exe C WINDOWS system Brmfrmps exe C WINDOWS eHome ehRecvr exe C WINDOWS eHome ehSched exe C Program Files Common Files LightScribe LSSrvc exe C Program Files Network Associates Common Framework FrameworkService exe C Program Files Network Associates VirusScan Mcshield exe C Program Files Network Associates VirusScan VsTskMgr exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C WINDOWS system svchost exe C Program Files Viewpoint Common ViewpointService exe C WINDOWS system dllhost exe C WINDOWS ehome ehtray exe C Program Files HP DigitalMedia Archive DMAScheduler exe C WINDOWS eHome ehmsas exe C Program Files HP HP Software Update HPwuSchd exe C Program Files ScanSoft PaperPort pptd nt exe C Program Files Network Associates VirusScan SHSTAT EXE C Program Files Network Associates Common Framework UpdaterUI exe C Program Files Common Files Network Associates TalkBack TBMon exe C HP KBD KBD EXE C Program Files QuickTime qttask exe C Program Files Belkin F D Belkinwcui exe C WINDOWS System svchost exe C WINDOWS system ctfmon exe C Program Files Messenger msmsgs exe C WINDOWS system wuauclt exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C Program Files HP Digital Imaging bin hpqtra exe C Program Files Logitech Desktop Messenger Program LogitechDesktopMessenger exe C Program Files Logitech SetPoint KEM exe C Program Files Viewpoint Viewpoint Manager ViewMgr exe C Program Files Brother Brmfcmon BrMfcWnd exe C Program Files Updates from HP Program Updates from HP exe C Program Files Brother Brmfcmon BrMfcmon exe C Program Files Logitech SetPoint KHALMNPR EXE C WINDOWS system wuauclt exe C WINDOWS ALCXMNTR EXE C Program Files ATI Technologies ATI Control Panel atiptaxx exe C WINDOWS system msiexec exe c windows system hpsysdrv exe C Program Files Java jre bin jusched exe C Program Files Java jre bin jucheck exe C Program Files iTunes iTunesHelper exe C Program Files iPod bin iPodService exe C Program Files LogMeIn x LogMeIn exe C Program Files LogMeIn x LMIGuardian exe C Program Files LogMeIn x RaMaint exe C Program Files LogMeIn x LogMeInSystray exe C Program Files LogMeIn x LMIGuardian exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http ie redirect hp com svs rdr TYPE amp tp iehome amp locale EN US amp c amp bd PAVILION amp pf desktop R - HKCU Software Microsoft Internet Explorer Main Start Page http wapp verizon net bookmarks bmredir asp region all amp bw fiber amp cd yahoo amp bm yh home R - HKLM Software Microsoft Internet Explorer Main Default Page URL http ie redirect hp com svs rdr TYPE amp tp iehome amp locale EN US amp c amp bd PAVILION amp pf desktop R - HKLM Software Microsoft Internet Explorer Main Search Bar http ie redirect hp com svs rdr TYPE amp tp iesearch amp locale EN US amp c amp bd PAVILION amp pf desktop R - HKLM Software Microsoft Internet Ex... Read more

A:anti virus pro 2009 trojan downloader.x trojan and more

Can anyone help me? please
 

https://forums.techguy.org/threads/anti-virus-pro-2009-trojan-downloader-x-trojan-and-more.767218/
Relevancy 36.98%

Hello I need some help with remove, Startpage virus/trojan?? trojan can't a virus trojan that keeps bothering me The Norton Antivirus detects and repair a file called se dll but then it keeps showing everytime I open internet explorer and windows in general Also I m having problems with my adsl modem sometimes I don t know if this virus trojan affects a file related to my modem configuration With CWShredder I can remove the anoying start page but then it comes back I d really aprecciate if someone could help me Thanks Here is my hijackthis log Logfile of HijackThis v Scan saved at a m on Platform Windows ME Win x MSIE Internet Explorer v Running processes C WINDOWS SYSTEM KERNEL DLL C WINDOWS SYSTEM MSGSRV EXE C WINDOWS SYSTEM SPOOL EXE C WINDOWS SYSTEM MPREXE EXE C WINDOWS SYSTEM MSTASK EXE C WINDOWS SYSTEM SSDPSRV EXE C ARCHIVOS DE PROGRAMA ARCHIVOS COMUNES SYSTEM MOSEARCH BIN MOSEARCH EXE C ARCHIVOS DE PROGRAMA ARCHIVOS COMUNES MICROSOFT SHARED VS DEBUG Startpage trojan can't remove, virus/trojan?? MDM EXE C ARCHIVOS DE PROGRAMA ARCHIVOS COMUNES SYMANTEC SHARED CCEVTMGR EXE C WINDOWS SYSTEM RESTORE STMGR EXE C WINDOWS Startpage trojan can't remove, virus/trojan?? SYSTEM PSTORES EXE C WINDOWS SYSTEM mmtask tsk C WINDOWS EXPLORER EXE C WINDOWS SYSTEM CMMPU EXE C WINDOWS TASKMON EXE C WINDOWS SYSTEM SYSTRAY EXE C WINDOWS RUNDLL EXE C WINDOWS RUNDLL EXE C WINDOWS LOADQM EXE C WINDOWS SYSTEM WMIEXE EXE C WINDOWS SAAP EXE C PROGRAM FILES INTERNET OPTIMIZER OPTIMIZE EXE C WINDOWS SYSTEM TAPISRV EXE C PROGRAM FILES AUTOUPDATE AUTOUPDATE EXE C WINDOWS SYSTEM CTFMON EXE C WINDOWS ENDPOINT ADSLAGENT EXE C WINDOWS SYSTEM DDHELP EXE C PROGRAM FILES INTERNET OPTIMIZER ACTALERT EXE C PROGRAM FILES OVIIS RXYOOLU EXE C ARCHIVOS DE PROGRAMA BITTORRENT BTDOWNLOADGUI EXE C PROGRAM FILES INTERNET EXPLORER IEXPLORE EXE D BACKUP MY DOCUMENTS SOFTWARE HIJACKTHIS HIJACKTHIS EXE R - HKCU Software Microsoft Internet Explorer Main Search Bar res C WINDOWS TEMP se dll sp html R - HKCU Software Microsoft Internet Explorer Main Search Page about blank R - HKLM Software Microsoft Internet Explorer Main Search Bar res C WINDOWS TEMP se dll sp html R - HKLM Software Microsoft Internet Explorer Main Search Page about blank R - HKCU Software Microsoft Internet Explorer Search SearchAssistant about blank R - HKLM Software Microsoft Internet Explorer Search SearchAssistant about blank R - HKCU Software Microsoft Internet Explorer Main HomeOldSP about blank R - HKLM Software Microsoft Internet Explorer Main HomeOldSP about blank R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer proxy uolfast com ar F - win ini run C WINDOWS SYSTEM cmmpu exe O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C ARCHIVOS DE PROGRAMA ADOBE ACROBAT READER ACTIVEX ACROIEHELPER OCX O - BHO NAV Helper - BDF E -B - AD-A -FADC B - C Archivos de programa Norton AntiVirus NavShExt dll O - BHO no name - be- d - ceb-add -e a d - C ARCHIVOS DE PROGRAMA CXTPLS CXTPLS DLL file missing O - BHO no name - E A - B- - E B- E D AB CD - C WINDOWS SYSTEM BPONGE DLL O - Toolbar msdxmLC dll email protected amp Radio - E - F- D - E- A C - C WINDOWS SYSTEM MSDXM OCX O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - C Archivos de programa Norton AntiVirus NavShExt dll O - HKLM Run ScanRegistry C WINDOWS scanregw exe autorun O - HKLM Run TaskMonitor C WINDOWS taskmon exe O - HKLM Run PCHealth C WINDOWS PCHealth Support PCHSchd exe -s O - HKLM Run SystemTray SysTray Exe O - HKLM Run ICSDCLT C WINDOWS rundll exe C WINDOWS SYSTEM icsdclt dll ICSClient O - HKLM Run LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM Run WildTangent CDA RUNDLL exe C ARCHIV WILDTA APPS CDA CDAENG DLL cdaEngineMain O - HKLM Run LoadQM loadqm exe O - HKLM Run ServidorAgendaMsd C Archivos de programa MSD Soft AgendaMsdMU Servidor DbServer Dbsrvr exe O - HKLM Run ccApp quot C Archivos de programa Archivos comunes Symantec Shared ccApp exe quot O - HKLM Run ccRegVfy quo... Read more

A:Startpage trojan can't remove, virus/trojan??

Welcome to TSG.

In Add/Remove Programs uninstall "Internet Optimizer"

Then......Your version of HijackThis is out of date.....Go here and download HijackThis
Winzip Self-extracting archive It will extract to C:\Program files
Doubleclick HijackThis.exe, and hit "Scan".

Uninstall the old version 1st and then post a new log with the latest version.
 

https://forums.techguy.org/threads/startpage-trojan-cant-remove-virus-trojan.335575/
Relevancy 36.98%

Started getting pop-up dialogs boxes indicating an Internet attack and virus then pop-up ads for fixing the problem would appear Several shortcuts also appeared on the desktop that were related to this attack A white X in a red box sometimes appeared in the bottom status bar and sometimes flashed I used a Smitfraudfix application I found on the Internet and this removed the desktop shortcuts the red box with the X and the bothersome pop-ups But the attack would appear the next day or even several hours later I had to run the Smitfraudfix in safemode just to be able to function between attacks I ran through the entire preparation guide with the following results cleanmgr - this did not run properly When the disk cleanup status box displayed Troj_dloader.ewr Virus Trojan Or Trojan.w32.looksky there were four squares in the progress bar and the message was quot Scanning Compres old files quot but the computer wasn't doing anything Could be an OS issue Adaware and Spybot Trojan Virus Troj_dloader.ewr Or Trojan.w32.looksky scans - ran four scans for both With each Adaware scan there were or critical items MRU List appeared each time others were mostly tracking-type files I gave up after Ad-Adware cycles because it seemed that there would always be issues it would find Ran SpyBot four times and each time there was something but the one I thought was the virus Smitfraud-CMSVPS was removed after the first one Housecall - This ran for about an hour and could delete all issues about except the Trojan TROJ DLOADER EWR As I was reading the detailed instructions about what to do next I was prompted to re-run the scan So I did and NO issues were found even though it could not delete TROJ DLOADER EWR after the first scan I did not then run the Trend Micro antivirus program as I thought the virus had been deleted I ran McAfee AVERT Stinger and it did not find any viruses I installed the Sygate Firewall I used to have Zone Alarm but a local PC repair shop told me not to use it as the Windows built-in firewall was adequate and that Zone Alarm presented other challenges Ran Windows Update and there were no updates to download Ran Hijack This and here is the log Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows SP WinNT MSIE Internet Explorer v SP Boot mode NormalRunning processes C WINNT System smss exeC WINNT system winlogon exeC WINNT system services exeC WINNT system lsass exeC Program Files Sygate SPF smc exeC WINNT system svchost exeC WINNT system spoolsv exeC Program Files CA CA Internet Security Suite CA Anti-Virus ISafe exeC WINNT System cisvc exeC WINNT System svchost exeC WINNT system hidserv exeC Program Files Ahead InCD InCDsrv exeC Program Files Common Files Microsoft Shared VS DEBUG MDM EXEC WINNT system regsvc exeC WINNT system MSTask exeC WINNT system stisvc exeC Program Files Common Files Symantec Shared CCPD-LC symlcsvc exeC Program Files CA CA Internet Security Suite CA Anti-Virus VetMsg exeC Program Files Viewpoint Common ViewpointService exeC WINNT System WBEM WinMgmt exeC WINNT System mspmspsv exeC WINNT system svchost exeC WINNT system svchost exeC WINNT Explorer EXEC WINNT SOUNDMAN EXEC Program Files Common Files Real Update OB realsched exeC Program Files HP HP Software Update HPWuSchd exeC Program Files CA CA Internet Security Suite cctray cctray exeC Program Files CA CA Internet Security Suite CA Anti-Virus CAVRID exeC Program Files QuickTime qttask exeC Program Files iTunes iTunesHelper exeC Program Files Java jre bin jusched exeC Program Files Seekmo bin OEAddOn exeC Program Files Seekmo bin SeekmoSA exeC WINNT system ctfmon exeC PROGRA Ahead NEROPH data Xtras mssysmgr exeC Program Files Plaxo PlaxoHelper exeC PROGRA AWS WEATHE Weather exeC Program Files iPod bin iPodService exeC Program Files Adobe Acrobat Distillr acrotray exeC Program Files HP Digital Imaging bin hpqtra exeC Program Files Common Files Microsoft Shared Works Shared wkcalrem exeC Program Files TechSmith SnagIt SnagIt exeC Prog... Read more

A:Trojan Virus Troj_dloader.ewr Or Trojan.w32.looksky

Welcome to the BleepingComputer HijackThis Logs and Analysis forum Marrick My name is Richie and i'll be helping you to fix your problems.Viewpoint Manager is considered as foistware instead of malware since it is installed without users approval but doesn't spy or do anything "bad". This will change from what we know in 2006 read this article: http://www.clickz.com/news/article.php/3561546You are well advised to remove the program now. Go to Start > Settings > Control Panel > Add/Remove Programs and remove the following programs if present,then restart your pc:ViewpointViewpoint ManagerViewpoint Media PlayerGo to Start > Settings > Control Panel > Add/Remove Programs and remove the following programS if present,then restart your pc:SeekmoAWSDownload Combofix and save to your desktop:Note: It is important that it is saved directly to your desktop Close any open browsers. Double click on combofix.exe and follow the prompts. When it's finished it will produce a log. Post the entire contents of C:\ComboFix.txt into your next reply. Note: Do not mouseclick combofix's window while it's running. That may cause the program to freeze/hang. Do NOT post the ComboFix-quarantined-files.txt unless I ask.Also post a new Hijackthis log please.

http://www.bleepingcomputer.com/forums/t/107553/trojan-virus-troj-dloaderewr-or-trojanw32looksky/
Relevancy 36.98%

This is a new trojan I have encountered and Virus: trojan-backdoor-prodav Trojan I have found some information to deal with it but there not working Eight minutes into the Spy Sweeper Trojan Virus: trojan-backdoor-prodav scan the virus pops up and Trojan Virus: trojan-backdoor-prodav I'm a Trojan Virus: trojan-backdoor-prodav little stump on how to get rid of it So If someone can help me that would be great The Attachment is the report I got from dds scr I also do not have my windows install disc and boot cd I have the product key but not the cd DDS Ver - - - NTFSx Run by Owner at on Wed Internet Explorer BrowserJavaVersion Microsoft Windows XP Home Edition GMT - Running Processes C Program Files Webroot WebrootSecurity WRConsumerService exe C WINDOWS system Ati evxx exe C WINDOWS system svchost -k DcomLaunch C WINDOWS system svchost -k rpcss C WINDOWS System svchost exe -k netsvcs C WINDOWS system svchost exe -k NetworkService C WINDOWS system svchost exe -k LocalService C WINDOWS system spoolsv exe C WINDOWS system svchost exe -k LocalService C Program Files Common Files AOL ACS AOLAcsd exe C Program Files Common Files AOL TopSpeed aoltsmon exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Files Bonjour mDNSResponder exe C Program Files Common Files AOL TopSpeed aoltpspd exe C Program Files Java jre bin jqs exe C Program Files Common Files Motive McciCMService exe C Program Files Common Files New Boundary PrismXL PRISMXL SYS C Program Files Microsoft Search Enhancement Pack SeaPort SeaPort exe C WINDOWS system svchost exe -k imgsvc C WINDOWS system wdfmgr exe C Program Files Webroot WebrootSecurity SpySweeper exe C Program Files Common Files Pure Networks Shared Platform nmsrvc exe C WINDOWS System alg exe C WINDOWS system Ati evxx exe C WINDOWS Explorer EXE C Program Files Java jre bin jusched exe C Program Files QuickTime QTTask exe C Program Files iTunes iTunesHelper exe C Program Files Common Files Pure Networks Shared Platform nmctxth exe C Program Files Linksys Linksys Wireless Manager LinksysWirelessManager exe C Program Files Webroot WebrootSecurity SpySweeperUI exe C Program Files DNA btdna exe C WINDOWS system ctfmon exe C Program Files Windows Live Messenger msnmsgr exe C WINDOWS system scvhost exe C Program Files iPod bin iPodService exe C Program Files Webroot WebrootSecurity SSU EXE C Program Files Mozilla Firefox firefox exe C Documents and Settings Owner My Documents Downloads dds scr C WINDOWS system wbem wmiprvse exe Pseudo HJT Report uSearch Bar hxxp search imesh com sidebar html src ssb uSearchMigratedDefaultURL hxxp search live com results aspx q searchTerms amp src referrer source uInternet Settings ProxyOverride local uURLSearchHooks IMBooster web-en Toolbar de - f - b - da- dfba bb - c program files imbooster web-en tbIMBo dll mWinlogon Userinit userinit exe c windows system sdra exe mWinlogon Taskman c recycler s- - - - - - - rundll exe BHO Adobe PDF Link Helper df c-e ad- -a -fa c ebdc - c program files common files adobe acrobat activex AcroIEHelperShim dll BHO FGCatchUrl f -aa - b - f d- a b e ef - c program files flashget jccatch dll BHO IMBooster web-en Toolbar de - f - b - da- dfba bb - c program files imbooster web-en tbIMBo dll BHO UrlHelper Class c -ab - d -a d - e d e - c program files imesh applications imesh mediabar iMeshIEHelper dll BHO C C A-E - b - D - CECB - No File BHO Search Helper ebf - f- bff-a f-b e aac b - c program files microsoft search enhancement pack search helper SEPsearchhelperie dll BHO Windows Live Sign-in Helper d - c - abf- ecc- c - c program files common files microsoft shared windows live WindowsLiveLogin dll BHO Google Toolbar Helper aa ed - dd- d - -cf f - c program files google googletoolbar dll BHO CBrowserHelperObject Object ca c - b - e-a -a c db f - c windows system BAE dll BHO Java tm Plug-In SSV Helper dbc -a - b-bc - c c c a - c program files java jre bin jp ssv dll BHO JQSIEStartDetectorImpl Class e e... Read more

A:Trojan Virus: trojan-backdoor-prodav

Hi,

Please do the following


Please download GMER Rootkit Scanner from here or here. Extract the contents of the zipped file to desktop.
Double click GMER.exe. If asked to allow gmer.sys driver to load, please consent .
If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
In the right panel, you will see several boxes that have been checked. Uncheck the following ... Sections
IAT/EAT
Drives/Partition other than Systemdrive (typically C:\)
Show All (don't miss this one)

Then click the Scan button & wait for it to finish.
Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file which cannot be uploaded to your post.
Save it where you can easily find it, such as your desktop, and put it in your next reply.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries

http://www.techsupportforum.com/forums/f284/trojan-virus-trojan-backdoor-prodav-420455.html
Relevancy 36.98%

My computer has apparently been hit by a Trojan Gen and or Trojan Zeroaccess gen virus since yesterday afternoon I am running Windows -bit and Norton Internet Security Currently I am receiving multiple Norton pop-ups of quot Auto-Protect blocked security risk Trojan Gen Your computer is secure quot quot Norton blocked an attack Trojan.Gen.2 virus and/or Trojan.Zeroaccess!gen7 by Web Attack Blackhole Toolkit Website quot quot Norton blocked an attack by Web Attack Exploit Toolkit Website quot I ran numerous full scans since the problem started The first one or two scans showed nothing Trojan.Gen.2 and/or Trojan.Zeroaccess!gen7 virus other than tracking cookies The second or third scan quarantined Trojan Zeroaccess gen I also ran Windows Defender which showed nothing Problems continued so I ran the Norton Power Eraser as recommended on the Norton website It fixed one item but at this point I unfortunately don t remember exactly what it said I was hesitant about running the Norton Bootable Recovery Tool as recommended on the Norton website so I Trojan.Gen.2 and/or Trojan.Zeroaccess!gen7 virus did not Looking at Norton Security History since the problem started yesterday afternoon Resolved Security Risks - multiple instances of Trojan Gen detected by Auto-Protect blocked instance of msimg dll Trojan Zeroaccess gen detected by Virus scanner quarantined instance of wpgr exe Trojan Zeroaccess gen detected by Auto-Protect quarantined Intrusion Prevention - multiple instances of Web Attack Blackhole Toolkit Website multiple instances of Web Attack Exploit Toolkit Website instance of Fake App Attack Fake AV Redirect I would really appreciate advice as to what I should do Thanks

A:Trojan.Gen.2 and/or Trojan.Zeroaccess!gen7 virus

Downloadhttp://www.techspot.com/downloads/4716-malwarebytes-anti-malware.htmlInstall,update and run a full scan Click on SHOW results.Select all infections and remove itReboot the PC and scan MBAM once in regular mode until you get a clean logDownloadTDSSkillerLaunch it.Click on change parameters-Select TDLFS file systemClick on "Scan".Please post the LOG report(log file should be in your C drive) DownloadaswMBRLaunch it, allow it to download latest Avast! virus definitionsClick the "Scan" button to start scan.After scan finishes,click on Save logPost the log results hereDownloadESET online scannerInstall itClick on START,it should download the virus definitionsWhen scan gets completed,click on LIST of found threatsExport the list to desktop,copy the contents of the text file in your reply

http://www.bleepingcomputer.com/forums/t/456374/trojangen2-andor-trojanzeroaccessgen7-virus/
Relevancy 36.98%

Hello I recently received a message from AVG that my computer was infected with the trojan backdoor Generic I think that my wife accidently downloaded it when downloading a game on the internet I just spent getting my computer totally fixed last month due to all kinds of issues it was having so I am trying to be very cautious on the internet I thought my wife was too but I guess not AVG did not seem to be able to remove Heal this or even move this to quarantine I searched this site for help and found a forum that discusses what might help Because of this I downloaded gmer and ran the scan under the rootkit tab I am not sure how to post what it told me Backdoor I Trojan Have A Think Virus(trojan Generic3) I I am not very computer savvy I did state that some of these files have been manipulated and some are in red type I guess that I am stuck at this point How can I get I Think I Have A Trojan Virus(trojan Backdoor Generic3) this off my computer If anyone could help me out I would greatly appreciate it -Thanks Matt

A:I Think I Have A Trojan Virus(trojan Backdoor Generic3)

I just wanted to add the details of what AVG states: C:\WINDOWS\SYSTEM32\yvbb01.dll and the virus is Trojan Horse Backdoor.Generic3.CEQ
-Matt

http://www.bleepingcomputer.com/forums/t/59770/i-think-i-have-a-trojan-virustrojan-backdoor-generic3/
Relevancy 36.98%

I've got this virus. Found by avg free 7.5 but will not remove it from my machine. Please help this computer is my lifeline. Thanks

A:Trojan virus (trojan horse PSW. generic5

Hello and Welcome to TSF.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

We want all our members to follow our 5 Step process outlined here:

IMPORTANT - Read This Before Posting For Malware Removal Help

After running through all the steps, you shall have a proper set of logs. Please post them.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

http://www.techsupportforum.com/forums/f100/trojan-virus-trojan-horse-psw-generic5-263519.html
Relevancy 36.98%

A couple of Trojan.Dropper and Trojan.Vundo - Virus days ago our computer running Win XP and using Avast Antivirus software was infected with Trojan Virus - Trojan.Vundo and Trojan.Dropper Vundo and Trojan Dropper At the same time of that occurrence we have been experiencing a Spooler Sub System APP error box saying it has encountered a problem and needs to close everytime the computer is rebooted Also Internet Explorer comes up with a cannot display image message and Firefox does open at all The Malwarebytes log below shows the two Trojan files were deleted along with other infected files when scanned A second full Malwarebytes scan revealed no more infected files but I continue to receive the Spooler Sub System App error message and cannot access any browser upon rebooting Don t know what to do next Looking for much need help in fixing computer I ve listed the Malwarebytes log that cleaned the viruses and also the HighjackThis log completed afterward Not sure if I need to do anything else at this point XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX Malwarebytes Anti-Malware www malwarebytes org Database version Windows Service Pack Internet Explorer PM mbam-log- - - - - txt Scan type Quick scan Objects scanned Time elapsed minute s second s Memory Processes Infected Memory Modules Infected Registry Keys Infected Registry Values Infected Registry Data Items Infected Folders Infected Files Infected Memory Processes Infected No malicious items detected Memory Modules Infected No malicious items detected Registry Keys Infected HKEY CLASSES ROOT Interface e fc-cf f- f -af - a a dd cc Adware MyWebSearch - gt Quarantined and deleted successfully HKEY CLASSES ROOT Interface cf be c- - - - cf cfe Adware MyWebSearch - gt Quarantined and deleted successfully HKEY CLASSES ROOT CLSID a f-eee - - ea - e cdd Adware MyWebSearch - gt Quarantined and deleted successfully HKEY CLASSES ROOT Typelib d a- a - e- -b a e Adware MyWebSearch - gt Quarantined and deleted successfully HKEY LOCAL MACHINE SOFTWARE Microsoft Code Store Database Distribution Units d db d - ec - a -bd - e e bb Adware MyWebSearch - gt Quarantined and deleted successfully HKEY LOCAL MACHINE SOFTWARE Microsoft Internet Explorer SearchScopes a -b - e-b d - eda ae Trojan Vundo - gt Quarantined and deleted successfully HKEY LOCAL MACHINE SOFTWARE FocusInteractive Adware MyWebSearch - gt Quarantined and deleted successfully HKEY LOCAL MACHINE SOFTWARE Fun Web Products Adware MyWebSearch - gt Quarantined and deleted successfully HKEY LOCAL MACHINE SOFTWARE Microsoft Multimedia WMPlayer Schemes f pss Adware MyWebSearch - gt Quarantined and deleted successfully HKEY LOCAL MACHINE SOFTWARE MyWebSearch Adware MyWebSearch - gt Quarantined and deleted successfully Registry Values Infected HKEY CURRENT USER SOFTWARE Microsoft Internet Explorer MenuExt amp Search default Adware Hotbar - gt Quarantined and deleted successfully Registry Data Items Infected HKEY LOCAL MACHINE SOFTWARE Microsoft Security Center AntiVirusDisableNotify Disabled SecurityCenter - gt Bad Good - gt Quarantined and deleted successfully HKEY LOCAL MACHINE SOFTWARE Microsoft Security Center FirewallDisableNotify Disabled SecurityCenter - gt Bad Good - gt Quarantined and deleted successfully Folders Infected C Program Files FunWebProducts Adware MyWebSearch - gt Quarantined and deleted successfully C Program Files FunWebProducts ScreenSaver Adware MyWebSearch - gt Quarantined and deleted successfully C Program Files FunWebProducts ScreenSaver Images Adware MyWebSearch - gt Quarantined and deleted successfully C Program Files FunWebProducts Shared Adware MyWebSearch - gt Quarantined and deleted successfully C Program Files MyWebSearch Adware MyWebSearch - gt Quarantined and deleted successfully C Program Files MyWebSearch bar Adware MyWebSearch - gt Quarantined and deleted successfully C Program Files MyWebSearch bar History Adware MyWebSearch - gt Quarantined and deleted successfully C Program Files MyWebSearch bar ... Read more

A:Virus - Trojan.Vundo and Trojan.Dropper

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.Do not run any other tool untill instructed to do so!In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.Note** If you are having problems posting the complete log into this thread upload them here http://www.rapidshare.com/ and post the links in this thread Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.I would like to get a better look at your system, please do the following so I can get some more detailed logs.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will appear Click OKDeFogger may ask you to reboot the machine, if it does - click OKDo not re-enable these drivers until otherwise instructed.IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.Download DDS:Please download DDS by sUBs from one of the links below and save it to your desktop:
Download DDS and save it to your desktop

Link1
Link2
Link3

Please disable any anti-malware program that will block scripts from running before running DDS.

Double-Click on dds.scr and a command window will appear. This is normal.Shortly after two logs will appear:
DDS.txt Attach.txtA window will open instructing you save & post the logsSave the logs to a convenient place such as your desktopCopy the contents of both logs & post in your next replyScan With RKUnHookerPlease Download Rootkit Unhooker Save it to your desktop.Now double-click on RKUnhookerLE.exe to run it.Click the Report tab, then click Scan.Check (Tick) Drivers, Stealth,. Uncheck the rest. then Click OK.Wait till the scanner has finished and then click File, Save Report.Save the report somewhere where you can find it. Click Close.Copy the entire contents of the report and paste it in a reply here.Note** you may get this warning it is ok, just ignore"Rootkit Unhooker has detected a parasite inside itself!It is recommended to remove parasite, okay?"information and logs:In your next post I need the following1.logs from DDS2.RKUnHooker3.let me know of any problems you may have had[/list]Gringo

http://www.bleepingcomputer.com/forums/t/356376/virus-trojanvundo-and-trojandropper/
Relevancy 36.98%

Logfile of HijackThis v Scan saved at AM matter? anything the on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS Explorer EXE C WINDOWS system LEXBCES EXE C WINDOWS system spoolsv exe C WINDOWS system LEXPPS EXE C Program Files Common Files AOL ACS AOLacsd exe C Program Files Common Files AOL TopSpeed aoltsmon exe c PROGRA mcafee com vso mcvsrte exe C WINDOWS System svchost exe c PROGRA mcafee com vso mcshield exe C WINDOWS System wuauclt exe C Program Files iolo Common Lib ioloDMVSvc exe C Program Files anything the matter? iolo System Mechanic SMSystemAnalyzer exe C Program Files Internet Explorer iexplore exe C anything the matter? PROGRA anything the matter? McAfee com Agent mcupdmgr exe C Program Files Internet Explorer iexplore exe C Program Files BitTorrent bittorrent exe C Program Files BitTorrent bittorrent exe C Program Files iolo System Mechanic SysMech exe C hijack HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http qus hpwis com R - HKCU Software Microsoft Internet Explorer Main Default Search URL http srch-qus hpwis com R - HKCU Software Microsoft Internet Explorer Main Search Bar http srch-qus hpwis com R - HKCU Software Microsoft Internet Explorer Main Search Page http srch-qus hpwis com R - HKCU Software Microsoft Internet Explorer Main Start Page http support cavtel net R - HKLM Software Microsoft Internet Explorer Main Default Page URL http qus hpwis com R - HKLM Software Microsoft Internet Explorer Main Default Search URL http srch-qus hpwis com R - HKLM Software Microsoft Internet Explorer Main Search Bar http srch-qus hpwis com R - HKLM Software Microsoft Internet Explorer Main Start Page http www comcast net R - HKCU Software Microsoft Internet Explorer SearchURL Default http red clientapps yahoo com cust www yahoo com R - HKCU Software Microsoft Internet Explorer Main Window Title Internet Explorer by Cavalier Telephone LLC R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride localhost O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper ocx O - BHO no name - B CA - A - D -A DF- BB - no file O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - BHO no name - FDD B - D - ffb- - B AD ACC - no file O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - Toolbar AOL Toolbar - D A-C B- -B B-B B E D C - C Program Files AOL Toolbar toolbar dll O - Toolbar McAfee VirusScan - BA B -B - c -B - F F - c progra mcafee com vso mcvsshl dll O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - HKLM Run HostManager C Program Files Common Files AOL ee AOLSoftware exe O - HKLM Run MCUpdateExe C PROGRA mcafee com agent mcupdate exe O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run SMSystemAnalyzer quot C Program Files iolo System Mechanic SMSystemAnalyzer exe quot O - HKCU Run Yahoo Pager C Program Files Yahoo Messenger ypager exe -quiet O - HKCU Run BitTorrent quot C Program Files BitTorrent bittorrent exe quot --force start minimized O - Extra context menu item amp AOL Toolbar search - res C Program Files AOL Toolbar toolbar dll SEARCH HTML O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS OFFICE EXCEL EXE O - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java j re bin npjpi dll O - Extra 'Tools' menuitem Sun Java Console - B E C - FCB- CF-AAA - C - C Program Files Java j re bin npjpi dll O - Extra button AOL Toolbar - D A-C B- -B B-B B E D C - C Program Files AOL Toolbar toolbar dll O - Extra 'Tools' menuitem AOL Toolbar - D A-C B- -B B-B B E D C - C Program Files AOL Toolbar toolbar d... Read more

Relevancy 36.98%

This Trojan keeps appearing Ive read several forums saying I Matter What Do... No to download dllfix exe or findnfix exe but when I click on a link I keep getting a page Can someone tell me what to do Here is my HighJackThis log Logfile of HijackThis v Scan saved at on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe No Matter What I Do... C WINDOWS system LEXBCES No Matter What I Do... EXE C WINDOWS Explorer EXE C WINDOWS system spoolsv exe C WINDOWS system LEXPPS EXE C Program Files Common Files Symantec Shared ccEvtMgr exe C WINDOWS BCMSMMSG exe C Program Files Dell AccessDirect dadapp exe C Program Files Dell QuickSet quickset exe C Program Files Synaptics SynTP SynTPLpr exe C Program Files Synaptics SynTP SynTPEnh exe C WINDOWS system dla tfswctrl exe C WINDOWS System DSentry exe C Program Files Dell Media Experience PCMService exe C Program Files Common Files Symantec Shared ccApp exe C Program Files Winamp winampa exe C Program Files Common Files AOL ACS AOLDial exe C Program Files QuickTime qttask exe C WINDOWS System LXSUPMON EXE C PROGRA COMMON AOL AOLSPY AOLSP Scheduler exe C WINDOWS System ctfmon exe C Program Files MSN Messenger MsnMsgr Exe C PROGRA COMMON AOL ACS AOLacsd exe C Program Files Dell AccessDirect DadTray exe C Program Files AOL aoltray exe C Program Files Mustek UB Plus Driver WATCH exe C Program Files Norton AntiVirus navapsvc exe C WINDOWS System nvsvc exe C WINDOWS System svchost exe C Program Files Messenger msmsgs exe C WINDOWS wanmpsvc exe C Program Files Spybot - Search amp Destroy TeaTimer exe C Program Files AOL waol exe C Program Files AOL shellmon exe C Program Files Common Files AOL aoltpspd exe C Program Files AOL Companion companion exe C Program Files Internet Explorer iexplore exe C Documents and Settings Frankie Tripod Desktop HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar file C DOCUME FRANKI LOCALS Temp sp html R - HKCU Software Microsoft Internet Explorer Main Search Page file C DOCUME FRANKI LOCALS Temp sp html R - HKCU Software Microsoft Internet Explorer Main Default Page URL http www euro dell com countries uk enu gen default htm R - HKCU Software Microsoft Internet Explorer Search SearchAssistant file C DOCUME FRANKI LOCALS Temp sp html R - HKLM Software Microsoft Internet Explorer Main Search Bar file C DOCUME FRANKI LOCALS Temp sp html R - HKLM Software Microsoft Internet Explorer Main Search Page file C DOCUME FRANKI LOCALS Temp sp html R - HKLM Software Microsoft Internet Explorer Search SearchAssistant file C DOCUME FRANKI LOCALS Temp sp html R - HKCU Software Microsoft Internet Explorer Main HomeOldSP about blank O - BHO no name - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dll O - BHO no name - DA E - E - A - EB -A A DFA A - C WINDOWS System cdakan dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - C Program Files Norton AntiVirus NavShExt dll O - Toolbar My amp Search Bar - D D -F E - ad- A - ECE AC - C Program Files MyWay myBar bin MYBAR DLL O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS System NvCpl dll NvStartup O - HKLM Run nwiz nwiz exe installquiet O - HKLM Run BCMSMMSG BCMSMMSG exe O - HKLM Run DadApp C Program Files Dell AccessDirect dadapp exe O - HKLM Run Dell QuickSet C Program Files Dell QuickSet quickset exe O - HKLM Run SynTPLpr C Program Files Synaptics SynTP SynTPLpr exe O - HKLM Run SynTPEnh C Program Files Synaptics SynTP SynTPEnh exe O - HKLM Run dla C WINDOWS system dla tfswctrl exe O - HKLM Run DVDSentry C WINDOWS System DSentry exe O - HKLM Run PCMService quot C Program Files Dell Media Experience PCMService exe quot O - HKLM Run ccApp quot C Program Files Common Files Symantec Shared ccApp exe quot O... Read more

A:No Matter What I Do...

Hi and welcome to TSG,

Download this: http://downloads.subratam.org/FINDnFIX.exe
Extract it (it should autoextract to C:\FindnFix when you double click it)

Go to the C:\FindnFix folder and doubleclick on !LOG!.BAT and let it run. It will generate a log.txt file. Copy and paste log.txt back here in your next reply.
 

https://forums.techguy.org/threads/no-matter-what-i-do.253317/
Relevancy 36.98%

Hi i'm clearly new here and was hopping to get some thoughts.I was told that a strong enough magnet would disrupt my wireless cam and was wondering if that was true?
 

A:Help on this matter

Hello and welcome to TSG.
Well im no expert on magnets or magnetism, but as far as i am aware anything to do with magnets (either natural, manufactured or electromagnetic), and anything electrical should always be avoided as much as possible. Even such minor things as "coiling up" excess cables can effectively turn themselves into electromagnets and thus disrupt electrical fields. So i would say yes it is possible. Whether the magnetic field disrupts the actual signal or the cam itself, i cannot say.
 

https://forums.techguy.org/threads/help-on-this-matter.900564/
Relevancy 36.98%

as for (set as active ) please look at my last thread ( http://www.sevenforums.com/newthread...newthread&f=46 )
my question is >> how could i solve this problem ?

A:what is matter

we need to see a full copy of the report produced by the MGADiag tool
(download and save to desktop - http://go.microsoft.com/fwlink/?linkid=52012 )
Once saved, run the tool.
Click on the Continue button, which will produce the report.
To copy the report to your response, click on the Copy button in the tool (ignore any error messages at this point), and then paste (using either r-click/Paste, or Ctrl+V ) into your response.

http://www.sevenforums.com/windows-updates-activation/328921-what-matter.html
Relevancy 36.98%

hi im new and i play alot of call of duty.... and i was woundering if ram matters and i got a 2.4 cpu and does that matter?
 

Relevancy 36.98%

Help my computer restarts auto after I login into safe mode It says please close everthing you are about to be logged off I can only go in to safemode because when i login normally it says dwm exe and explorer exe has to ber termanated with both ther error code xc Here is the log Logfile of Trend Micro HijackThis v Scan saved at Hy Dirp on Platform Windows Vista SP WinNT MSIE Internet Explorer v Boot mode Safe mode Running processes C Windows Explorer EXE C Windows system wlrmdr exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer help Please matter. the don't is what know Main Default Page URL http ie redirect hp com svs rdr TYPE amp tp iehome amp locale en us amp c amp bd Please help don't know what is the matter. Pavilion amp pf laptop R - HKCU Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Main Start Page www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http ie redirect hp com svs rdr TYPE amp tp iehome amp locale en us amp c amp bd Pavilion amp pf laptop R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http ie redirect hp com svs rdr TYPE amp tp iehome amp locale en us amp c amp bd Pavilion amp pf laptop R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKCU Software Microsoft Internet Explorer Main Local Page R - HKLM Software Microsoft Internet Explorer Main Local Page R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName R - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - no file O - Hosts localhost O - BHO Yahoo Toolbar Helper - D -C F - efb- B - ECA - no file O - BHO flashget urlcatch - F -AA - B - F D- A B E EF - C Program Files FlashGet jccatch dll O - BHO AVG Safe Search - CA F - F E- B -A E- E E C C - no file O - BHO Groove GFS Browser Helper - - C - D -B F - BBC D A E - C Program Files Microsoft Office Office GrooveShellExtensions dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO FlashGet GetFlash Class - F E- EF- C- - BA DBA - C Program Files FlashGet getflash dll O - HKLM Run Apoint C Program Files Apoint K Apoint exe O - HKLM Run LogMeIn GUI quot C Program Files LogMeIn x LogMeInSystray exe quot O - HKLM Run TheLaptopLock C Program Files The LaptopLock LaptopLock exe startup O - HKLM Run Flashget quot C Program Files FlashGet FlashGet exe quot min O - HKLM Run Attreb C Windows System start bat O - HKLM Run ISTray quot C Program Files Spyware Doctor pctsTray exe quot O - HKLM RunOnce NIS quot C Downloads NIS Build OEM INGDirect exe quot RELAUNCH RUNONCE O - HKCU Run HideMyBrowserFree C Program Files HideMyBrowserFree hidemybf exe O - HKCU Run WMPNSCFG C Program Files Windows Media Player WMPNSCFG exe O - HKCU Run SmartRAM quot C Program Files IObit Advanced SystemCare Sup SmartRAM exe quot m O - HKCU Run SUPERAntiSpyware C Program Files SUPERAntiSpyware SUPERAntiSpyware exe O - HKCU RunOnce Shockwave Updater C Windows System Adobe SHOCKW SwHelper exe -Update - - quot Mozilla compatible MSIE Windows NT Mozilla compatible MSIE Windows NT SV MS Internet Explorer SLCC NET CLR Media Center PC NET CLR InfoPath NET CLR quot - quot http www cartoonnetwork com games courage creeptv quot O - HKCU RunOnce C Program Files Internet Explorer iexplore exe http www symantec com techsupp se amp build Symantec amp a e d O - HKUS S- - - Run Sidebar ProgramFiles Windows Sidebar Sidebar exe detectMem User LOCAL SERVICE O - HKUS S- - - Run WindowsWelcomeCenter rundll exe oobefldr dll ShowWelcomeCenter User LOCAL SERVICE O - HKUS S- - - Run Sidebar ProgramFiles Windows Sidebar Sideba... Read more

https://forums.techguy.org/threads/please-help-dont-know-what-is-the-matter.781691/
Relevancy 36.98%

Hello everyone I m having a bit of trouble with Windows XP Yes? It No? Matter? Does as you have probably guessed It all started a couple of months ago when I had to reinstall Windows XP from disk completly formatting my drive Yes? No? Does It Matter? due to Windows becoming slow virii getting in etc So I Yes? No? Does It Matter? reinstalled The install was successful and for a while I didnt have any problems Then one day when I booted up my computer Windows went to the welcome screen and displayed a blank dialog box No text on the top no content it only had two buttons quot Yes quot and Yes? No? Does It Matter? quot No quot I could click either one and Windows would just load the desktop anyway This had been going on for a month or so when Windows for some reason decided that whenever I clicked one of the buttons it would reboot my computer amp repeat I then because of this reinstalled Windows from disk again All has gone well until now when I rebooted my pc and the box is back Please can someone help I have tryed taking a screenshot to no avail I hope you can understand what I mean If you have any questions please let me know Thank you all in advance From Miki nbsp

Relevancy 36.98%

Hey! If my computer has DDR2 RAM in it, does it matter what kind of memory is on the gaming video card?? Should it be DDR2 as well, or can it be DDR3? I just wanted to make sure.
 

A:Does this matter?

The memory type on the graphics card is independent of the memory type in RAM. It can be DDR3 even if you have DDR2 RAM.
 

http://www.techspot.com/community/topics/does-this-matter.141480/
Relevancy 36.98%

my ask is included into attachment image

A:what is matter

I think WINRE_DRV and System_DRV are 2 hidden partitions required on GPT disks that are used with Windows. They were likely placed there during the Windows installation by default.

In that situation, you don't want C to be active.

As far as I know, you can convert a GPT disk to MBR, but I think you have to remove all partitions first.

Not sure about the above as I don't use GPT disks.

http://www.sevenforums.com/hardware-devices/328920-what-matter.html
Relevancy 36.98%

I have 4X512 dimms of Kingston, PC3200 400MHz, dual channel mode.

Because they are in AMD environment (Athlon 64 3200+, 2GHz, Asus A8V-Deluxe s.939), my timings are just 3-3-3-8. Also its 2T(instead of 1T), 333MHz(instead of 400). They told my that I cannot do anything to change these numbers, because I have 4 sticks in amd platform.

So, I m thinking of buy 2 new kingstons of 1GB each(2X1GB), replacing the existings 2X512. After that I ll have totally 3 GBs of ram (2X512, 2X1024) Of course I ll put them in the right position so that I ll have dual channel mode(1st module:512, 2nd:1024, 3rd:512, 4rth:1024).

The queries are:
Is it a good idea to make such a movement?
Will timings be better? Will I have T1 and 400MHz?
How much improvement shall I see? 20%? 30%? 50%?
 

Relevancy 36.55%

Hitman pro discoverd a virus in C:\Windows
I tried to remove it with AVG but evry time my system (windows Vista) gets stuck
Would someone pleas help me
 

A:C:\Windows\wmpdxm.dll has virus :S (Trojan Hrse Virus Downloader.Zlob.VFG)

Hi, Welcome to TSG!!
Click here to download HJTInstall.exe

Save HJTInstall.exe to your desktop.
Doubleclick on the HJTInstall.exe icon on your desktop.
By default it will install to C:\Program Files\Trend Micro\HijackThis .
Click on Install.
It will create a HijackThis icon on the desktop.
Once installed, it will launch Hijackthis.
Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
Come back here to this thread and Paste the log in your next reply.
DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

 

https://forums.techguy.org/threads/c-windows-wmpdxm-dll-has-virus-s-trojan-hrse-virus-downloader-zlob-vfg.744891/
Relevancy 36.55%

Hello there I hope I am posting in the right place First off the spec of my laptop AMD Athlon tm II P Dual-Core Processor GHz GB RAM ATI Mobility Radeon HD I run Windows -bit The problem is that I cant seem to run games without getting lag For instance Dragon Age- the only requirement that my laptop might not meet is the processor dual core minimum however I can even top that I can make graphics the best quality or make it the worst it lags almost the same Oblivion that thing requires a Pentium yet I still get lag again the same situation where I can put the best or the worst graphics out? lag is there what, way no matter no Constant on The lag that I am talking about is not terrible for instance the games run at around or more FPS judging by the eye and every once in a while drops to around It is not much but definitely makes the playing experience much less enjoyable I do turn off all of the background programs I even use this little program game booster The hard drive is not crammed to the top I even separated the drive to a few parts for games and for Windows So yea any tips Or am i doomed to play in this ridiculous situation where no matter what Constant lag no matter what, is there no way out? graphic settings you put on you still get lag PS When games are turned on the ventilator blows out quite hot air nbsp

A:Constant lag no matter what, is there no way out?

How big is the hard drive? How big are the partitions? When you partition a hard drive, you waste a lot of space and slow down its data access. Something you never want to do with a laptop
 

http://www.techspot.com/community/topics/constant-lag-no-matter-what-is-there-no-way-out.172269/
Relevancy 36.55%

I guess it depends matter? Does really size on who you ask Really though I do have a question about SSD and size It has been asked over and over but I have not seen any threads that really answer my question What size SSD would be the best option for Does size really matter? me I do your normal computer operation but do a lot of serious video work I have many programs Does size really matter? that I need to use for different things that I do Several different things for video large programs office programs that I have for home automation hundreds of gb of music hundreds of pictures tb of video Large programs for pictures I know I won t store any of the music pics or video on the SSD I have read many many many conflicting reports on what to do with your SSD My big question is will I get faster video rendering if the program is on the OS drive Where is the best place to put my programs On another drive or on the same partition as the OS I want what will be best for video work nbsp

A:Does size really matter?

Id use 124GB SSD to load my OS, Video Editing Programs and other main programs that you have on. Keep all the data such as music, pictures, videos on a normal HDD.



My big question is will I get faster video rendering if the program is on the OS drive?Click to expand...

You mean if the program is on the SSD with the OS? Id guess so since it will write the data faster, but I am not expert and on top of that I don't have a SSD. But also a GOOD CPU will play a good roll in that.
 

http://www.techspot.com/community/topics/does-size-really-matter.166914/
Relevancy 36.55%

I would appreciate if someone would explain the significance of DVD regions. I rented an old movie from my local library. When I tried to play it on my Windows 7 machine, there was a message that the DVD was purchased in region 1, my computer DVD drive was set for region 2, and I needed to change the region. Since there is a limited number of region changes that can be made, I decided not to make the change and did not watch the movie.
 
Would someone please explain the technical background as to why regions matter? And why did Microsoft decide to limit the number of region changes for Windows 7?

A:DVD regions - why do they matter?

1.  Just read what Wikipedia has to say about region codes yourself.
 
2.  If you use VLC Media Player it will play any region code DVD without a fuss.

http://www.bleepingcomputer.com/forums/t/546689/dvd-regions-why-do-they-matter/
Relevancy 36.55%

Hello All I am on the brink of a neverous break down and no do!!! i what Bsod matter I am in dyer need of help This is my second posting on seven forums about a random BSOD issue I been having for months I have Bsod no matter what i do!!! tired everything I can think about to resolve this issue but nothing works I have done a dozen fresh installs of Windows deleted the partitions and formatted I purchased new RAM Bsod no matter what i do!!! and Hard Drives and nothing helps My specs are as follows Asus P T Deluxe V MB GB X Corsair Dominator RAM EVGA GTX CO-OP Video Card Bsod no matter what i do!!! X TB Seagate HDs X-FI Elite Sound Card i CPU LG GBW-H L Drive Logitech MX Keyboard and Mouse and Zoom skype adapter Here is a copy of the error and attached to this posting is the dump files Can someone please help Thank you in advance Problem signature Problem Event Name BlueScreen OS Version Locale ID Additional information about the problem BCCode f BCP BCP BCP F BCP FFFFF AD F OS Version Service Pack Product Files that help describe the problem C Windows Minidump - - dmp C Users Apprentice AppData Local Temp WER- - sysdata xml Read our privacy statement online Windows Privacy Statement - Microsoft Windows If the online privacy statement is not available please read our privacy statement offline C Windows system en-US erofflps txt

A:Bsod no matter what i do!!!

Ran a debug for you, and I get the following:
Attachment 54020
I think this looks like a driver issue. If you know how to run the driver verifier function, try that. If you've never run it before, be careful... you can get stuck in a BSOD/reboot loop. Here is a tutorial for running driver verifier.

If the driver verifier function makes you too nervous, you could manually search for updated drivers for all of your hardware by going to the manufacturers' websites, one by one, and getting the latest drivers.

http://www.sevenforums.com/bsod-help-support/63633-bsod-no-matter-what-i-do.html
Relevancy 36.55%

Hi. I posted a long rambling thing a little while ago because I'm looking at a new laptop. Let me cut out all that stuff and get to one point I'm really curious about -- does 64 bits matter?

I know some people say this is just around the corner, but is it a revolution or just hype?

Obviously I am also curious whether there is a point in waiting to buy a new computer until Intel goes 64 bit -- but the computer I have now is ancient and can't run anything anymore, so I probably don't have that luxury.

Still, I wonder what 64 bits actually means. It's my feeling that 32 bits is doing a pretty decent job and going from 8 --> 16 and 16 --> 32 were the real revolutions. But maybe someone has a different take.
 

Relevancy 36.55%

Hello I am hoping you can help me I have a Compaq laptop with Vista Home bit running on it Within the past week I have received viruses Windows Restore and Vista Manager I have followed all the directions on your site and have run the following programs Malware Spybot Search amp Destroy Super Anti Spyware CC Cleaner and Ad Aware Here are my issues now after all of the cleaning When I try to run Combofix I get a popup that my disk has errors and to run chkdsk I have done a quick scan through the DOS promp and there are corrupt files so it doesnt finish completely I have also tried to force it to fun upon reboot into Safe Mode but it does not scan just boots up to safe mode I have gone into disk properties and checked the boxes to run chkdsk upon reboot and then gone into the msconfig boot area and checked the box for Safeboot which has worked in the past but this time nothing just boots into safe mode I have matter Chkdsk no what Cannot run try I never had problems with chkdsk before and run it faithfully to keep my computer Cannot run Chkdsk no matter what I try functioning Any ideas I would love to fix all the errors through chkdsk Leigh Anne

A:Cannot run Chkdsk no matter what I try

Maybe is it smart if you run an online scan.
Sometimes find an online Virus scan more than the standard Virus scan.
Also think I that it is smart when you have done, that you make a DDS log in the sub forum Am I infected.?
Tip: It is not really smart when you run a Hijackthis tool without experiences.

http://www.bleepingcomputer.com/forums/t/394858/cannot-run-chkdsk-no-matter-what-i-try/
Relevancy 36.55%

Having seen the required specs for half life 2, I've decided to upgrade my current ram and purchase an AMD 2500 processor - my current system is a s follows, AMD 1700, 512 DDR ram (generic), softmodded radeon 9500 128 np, W2000k and a 40 gig HD, not top notch kit but enough to play any current game at optimal configuration.
My question is this, my current 2100, 266mhz generic ddr ram works pretty much adequatly and has given me no cause for complaint but on checking prices, find that higher specc'd ram is'nt as expensive as I'd assumed - would purchasing 333mhz or 400mhz ram offer significant increase in performance or are these specs only relevant to hard core modders?
 

A:Does make matter?

333Mhz to 400Mhz, not much.
 

http://www.techspot.com/community/topics/does-make-matter.6532/
Relevancy 36.55%

Here is the problem I just recently was given a laptop. I was told that it was hooked up to a tv with HDMI but, there was sound on the laptop. I am running Windows 7 Premium HP Pavilion g7-1318dx Notebook PC
Serial Number: 6CF2085XDS Product Number: A7A43UAR . I have no sound with just notebook speakers. I have went to the HP driver download site and tried to download the audio drivers. I receive a warning " The Hardware detected is not supported by this IDT software package. Install will now abort." There are 3 Audio downloads on the Hp website none work. The speaker Icon down by the clock with a red X on it when you do a mouse roll over it says no speakers or headphones are plugged in. I have tried headphones still no sound. I have also tried to the windows trouble shooter and it says it detects no problems. Play back devices is only showing Digital Audio (HDMI) High definition Audio device not plugged in. Recording says there are no audio devises are installed in. I have tried everything any help would be appreciated.
 

A:No sound no matter what

I think that you need an extra lead because HDMI gives picture only. The lead I have has a mini stereo jackplug at one end which goes into the computer's headphones socket and two phono plugs (white and yellow) at the other to plug into the TV's audio input at the back. You should then be able to work out how to set up the sound via Control Panel.
 

http://www.techspot.com/community/topics/no-sound-no-matter-what.206720/
Relevancy 36.55%

Compaq CQ50-103nr Laptop running Windows Vista Home Premium.

You can see the Wireless User Guide here. My understanding is that the wireless light is orange when the wireless adapter is disabled and blue when enabled. If I press the wireless button, it turns blue for about a half second and back to orange.

I have loaded the drivers furnished by Compaq and I have no exclamation points in Device Manager.

My guess is the wireless adapter is kaput; but, before I spend any money, I would like to know what others here might know about this that I might not.

The power button for this laptop is at center top of the keyboard and the wireless button is just a half-inch to the right of it. It has the wireless symbol on it, lit in orange and it finds no network although I do have a working wireless router on which another laptop here is currently working.
 

A:Wireless LAN indicates it's off no matter what

Unfortunately, a non-working wireless adapter and a wireless light which is permanently amber is a widespread fault with HP & Compaq laptops (Google Search brings up loads of forum posts to prove how widespread it is). My grandaughter's packed up on her Compaq last year and it defied all attempts by me to fix it so I bought her a plug-in USB wireless adapter which solved the problem.

In my daughter's case, the built-in wireless adapter wasn't even listed in Device Manager, which means it isn't even being detected, which usually means the device has failed. Your Device Manager is probably not listing it either (hence no errors are shown).

If the laptop is still under warranty, HP will repair it free of charge (or at least that is what I read on the various forums last year).
 

https://forums.techguy.org/threads/wireless-lan-indicates-its-off-no-matter-what.1026373/
Relevancy 36.55%

Tech Support Guy System Info Utility version 1.0.0.1
OS Version: Microsoft Windows XP Professional, Service Pack 3, 32 bit
Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz, x86 Family 15 Model 4 Stepping 3
Processor Count: 2
RAM: 1015 Mb
Graphics Card: Intel(R) 82915G/GV/910GL Express Chipset Family, 128 Mb
Hard Drives: C: Total - 184422 MB, Free - 145349 MB; D: Total - 6336 MB, Free - 372 MB;
Motherboard: ASUSTeK Computer INC., Goldfish3, 1.xx, X312345678
Antivirus: avast! Internet Security, Updated: Yes, On-Demand Scanner: Enabled

How do I get rid of LOL? I'm not very computer savvy, so I need the info in an easy-to-understand format.
Any advice would be GREATLY appreciated! Thanks.
 

https://forums.techguy.org/threads/help-lol-no-laughing-matter.999997/
Relevancy 36.55%

I screwed up and humbly ask for some help I am having trouble starting my home computer I have XP Pro It was working fine until I tried to install some HP Printer software The install was unsuccessful so I uninstalled I don t think the software was XP compatible I started getting this message PAGE FAULT try XP what no I matter reboots IN NONPAGED AREA STOP x xF x xF x I have tried to reinstall using my CD that came whith XP when I purchased it I can get all the way to where it starts copying files over to get ready to either install or repair When I select eitehr install or repair I XP reboots no matter what I try get the blue screen again and the computer restarts I do not have a ASR disk either I am kicking myself for XP reboots no matter what I try not making one I have a different hard drive that I was able to load XP to without any problems when I hook it up so I don t think there are any problems with any of the hardware I would just like to be able to get my new hard drive working again nbsp

Relevancy 36.55%

guys I am ashamed to admit I dunno these answers as long as I ve been in the biz Brand RAM more Does Matter? better? is And I have a new-to-me HP DC and am outfitting it The machine has mem slots currently occupied by K modules I want to upgrade The fastest memory it can handle is PC - mhz -pin package but for whatever reason it will only Does RAM Brand Matter? And is more better? address Does RAM Brand Matter? And is more better? GB of that module each in slots separate channels Using PC - modules mhz it can handle GB I don t do high-end games but I do want to outfit the machine to play HD movies amp web content and I run a lot of business applications So am I going to get better performance with GB of mhz mem or with GB of mhz mem And does brand really matter I mean this is not Gigahertz-speed memory bus I m dealing with Should I buy Cosair value line memory due to its reputation about bucks for gb or house brand for a whopping total of I ve done some websearching and find no science on these questions just opinions Also are these GB modules a LOT more power-hungry than the current K s I m apparently right on the edge of what my w power supply can deal with nbsp

Relevancy 36.55%

Hey there I m helping a friend out with an older pc they just bought It s a home-made job but it seems no what help! matter Can't try boot i from please cd - to run alright Can't boot from cd no matter what i try - please help! It s got Windows ME on it now mb of ram I m trying to wipe the hard drive and install Windows XP Professional SP I ve done this many times before but I ve never run into this problem Even though I went into the BIOS and told it to boot from CD first it won t do it I ve double and triple-checked the BIOS to make sure it says quot CD quot as the first boot device but POST just skips right over it and boots the hateful Windows ME I ve swapped out the CD drive with a few others to make sure it wasn t a bad CD drive I even switched the ribbon cables around so it would boot off of the nd CD connectors rather that the first in case that was the problem But no matter what I try it just keeps booting into Windows ME and never booting to the CD The CD light comes on and off so I know it s getting power I reset the BIOS to quot failsafe quot and then told it to boot to CD first but still no luck I know the CD is good by the way because I tested it on another PC I even tried using a different hard drive to see if that might be the problem Can anyone help me to figure out what might be causing this Thanks in advance nbsp

Relevancy 36.55%

What is the preferred location to have WoW installed? It is currently installed under: c:/program files/World of Warcraft.

Should it be under program files(x86) or under the games folder? It is working perfectly right now where it is (just having issues with ventrilo).

A:Does it matter what folder????

It really doesn't matter where you install programs or games. I just use what the installer has pointed to unless I don't have any space left I go for a different drive.

What is happening with ventrilo.

http://www.vistax64.com/gaming/233687-does-matter-what-folder.html
Relevancy 36.55%

How do I get rid of LOL? My spyware/virusware is not picking it up, and it's wreaking havoc with my computer!
 

A:LOL no laughing matter!

Hi,

Describe your issue a bit and do the following.

Download DDS and save it to your desktop from here or here or here.
Disable any script blocker, and then double click dds file to run the tool.
When done, DDS will open two (2) logs:
DDS.txt
Attach.txt

Save both reports to your desktop. Post them back to your topic.

 

https://forums.techguy.org/threads/lol-no-laughing-matter.1000824/
Relevancy 36.55%

I am using win XP, from time to time i have this problem which stiops me moving around. I have to use window task manager to stop all tasks to end the problem.
any one can help.
thanks
 

Relevancy 36.55%

I guess it depends on who you ask matter? Does really size Really though I do have a question about SSD and size It has been asked over and over but I have not seen any threads that really answer my question What size SSD would be the best option for me I do your normal computer operation but do a lot of serious video work I have many programs that I need to use for different things that I do Several different things for video large programs office programs that I have for home automation hundreds of gb of music hundreds of pictures tb of video Large programs for pictures I know I won t store any of the music pics or video on the SSD I have read many many many conflicting reports on what to do with your SSD My big question is will I get faster video rendering if the Does size really matter? program is on the OS drive Where is the best place to put my programs On another drive or on the same partition as the OS I want what will be best for video work nbsp

Relevancy 36.55%

My acer Aspire 5738Z has a web cam called a crystal eye. when I downloaded windows 8 saw that it had a simple to use camera app. No matter how I try I cannot get it to work. I have tried every driver I can find even the ones on the Acer support page. I still get the response "camera not found" In fact this is a true statement because I
can't find where the camera is stored on my system. Any advice welcome. I never tried the camera until I changed to windows 8 so I am not sure if it ever worked.

A:not sure this is a windows 8 matter!!

Hi there
This little app works fine on Acer gear
Just run amcap.exe from a usb stick or whatever

Here's the dropbox link for you

https://www.dropbox.com/sh/p7vd5mtzymxks2d/AzySb81rs-

Cheers
jimbo

http://www.eightforums.com/drivers-hardware/23785-not-sure-windows-8-matter.html
Relevancy 36.55%

So, my Nvidia card using coolbits overclocking tweak shows me this information on my graphic card

Why is it the OS thinks the AGP is at 2X ???

anyone see same type of thing
what do you make of it
is there some sort of fix for this.

I have the same thing using my
MSI board using GF6600 card
ASUS board using Ti4200 card
 

A:anyone get this or what it means, or any way to fix it for that matter ??

I have only heard of 8x card going down 4x when the AGP slot does not support it. The only thing I think of to suggest is you check you motherboards manual.
 

https://forums.techguy.org/threads/anyone-get-this-or-what-it-means-or-any-way-to-fix-it-for-that-matter.437819/
Relevancy 36.55%

im trying to upload a photo and it wont let me because the require a photo less than 500kb abd ub jpeg my photo seems to be bigger than that how do i make it smaller? i have kodak easyshare software, thank you
 

A:size does matter

gettingthere said:

abd ub jpeg my photo Click to expand...

pardon?

to reduce the size of an image you just need an image editor of some description, the professional app of choice is of course photoshop, which has an extremely useful 'save for web' function that performs this task.

The more widely available (ie cheaper) app is paintshop pro, which you can d/l a demo from jasc.com.

I wouldn't be surprised however, if you existing kodak easyshare had some facility to reduce the (physical) size of an image, is there an option on one of the menus or toolbars to reduce the pixel size and/or the dpi resolution? You may find your photo is currently in several megapixels; the default maximum for the camera that took the photo. If it's just to be used for browsing onscreen, eg on a webpage or similar, then it only needs to be 72pdi which would save a massive amount of file space.
 

https://forums.techguy.org/threads/size-does-matter.249696/
Relevancy 36.55%

ok i open task manager (1)

i then click processor tab (2)

the i notice 8 lots of java on this list

then i right click and open file location

then i come up with this second picture if you can en light me at all on this please i would like to no if this is all normal or appears to be normal having so many java items on the FIRST photo , and also the second location reffered as (bin)
and if you cant see the photo keep clicking it will get bigger

A:Hi bit confused on this matter

Don't know what that's all about here is mine

http://www.vistax64.com/general-discussion/280681-hi-bit-confused-matter.html
Relevancy 36.55%

I'm at my wits end - it didn't take long!

Fixing up an old Intel 845EPT2 for a neighbor. I did a Reinstall of XP, installed all Drivers straight off the Intel Website, and no matter what, there's no Audio.

"No Device Installed" even though the Soundmax appears in System / Devices.

I have double checked Audio is enabled in the BIOS.

I even threw in an old Soundblaster Live!, turned off Audio in the BIOS, installed Drivers and it did the same thing.

I'm running an SFC / SCANNOW .

The weird thing is that it had Audio before {along with a million viruses, which is why I re-installed}

Any ideas, except a litre of Petrol and a Lighter?
 

A:Can't get Audio no matter what

uninstall all your drivers in device manager, go to your C drive and program files, make sure all files related to the drivers, software is deleted, also, do a add remove any software that may use those same sound drivers that you previously uninstalled. turn off machine, take your card out, if you're using onboard, disable in bios, start up, let windows load, if its a sound card installed in a pci slot a "new hardware" window should pop up, install drivers through that dialog box. If its an onboard sound device just simple restart after windows has started up and recognized no sound devices or drivers installed, go back to bios, enable sound, start up, reinstall drivers and software....I hope this helps as I just had this problem last night and had to figure out how to fix it, GL
 

http://www.techspot.com/community/topics/cant-get-audio-no-matter-what.80215/
Relevancy 36.55%

Does the type of RAM I order matter? I already have... Corsair XMS2 Xtreme Performance 2x2GB DDR2.

I have two more slots open and I want to do the same thing but I am not sure what to buy off of newegg... I can't even find the exact link to what I bought originally. Can someone help me out. (I am not very good with hardware and the exact specifics of what everything does)

Sean

A:Does the Type of RAM Matter?

What would be the difference between...

All
of
these
different
types
of RAM
(Each line is a different link)

How do I know which is the best out of them all?

Sean

http://www.vistax64.com/general-discussion/256944-does-type-ram-matter.html
Relevancy 36.55%

been around computers for a long time and cant get thisone figured out. took old ribbon dvd drive out for new sata dvd drive, and since cant get picture. tried replacing EVERY PART IN MY SYSTEM 1 part at a time. thinkin its somethin little im misssng. replaced mobo, still no pic outa card, returned that mobo and got new graphics card... still no picture. tried different processor still no pic, tried diff ram, tried diff power supply, tried diff hard drive, ive tried it all and im gettin aggrevated. intel mobo, nvidia geforce 7800, dual core.
 

A:Cant get picture out no matter what... tried everything

Seeing that this is your first post, I will say "welcome to TechSpot"!

Next, I know this has you a bit miffed, I've been down your road of computer frustration at one time or another, but your going to have to give us a little bit more information.

How about a small list of all your components?
What type of case your trying to install of this in?
What is your power supply, and what is it's rating?
What Operating System are you using here?

Maybe a slight "step by step" of what you did prior to uninstalling the I.D.E. DVD drive, through that, to installing the SATA DVD drive. If your suspicions are true, and you think that you missed something minor, doing a small 'step by step" thing sometimes takes care of these sort of thing.

So please get back to us, we are here to help!
 

http://www.techspot.com/community/topics/cant-get-picture-out-no-matter-what-tried-everything.179181/
Relevancy 36.55%

Hi,
its all started when onw day i opend my PC, after 5 min freezes.
In the first place i thought it was somethign wrong with a softaware...so i started to unistall all programs i have one by one to see the performance...nothing happend.
I have even changed RAM..nothing happend.SO finally thought that maybe it was the HDD.

So i bought a new one (Maxtor 40GB) and now when i am trying to install windows 2000 it freezes again in the installation part (you know the blue screen)!!!
What else can be wrong???

thanks for any help.

P4,256RAM,2.4Ghz.
 

A:Pc freezes no matter what i do

sounds like mine, removed everything still happened, BIOS was the problem - it changed some of the settings itself. look at ram spped in bios - mine was set to wrong speed. maybe this will solve your problem, it fixed mine.
 

http://www.techspot.com/community/topics/pc-freezes-no-matter-what-i-do.56495/
Relevancy 36.55%

I have GigaByte 8I955 Royal which specs 1.8 volt for the ram.

When I went to Newegg.com's memory configuration tool, it comes back with all different voltage rams for me range from 1.8 1.9 to 2.1 volt.

Can I use higher volt ram in my motherboard?

Your help is appreciated!

[email protected]
 

A:Ram Volt Does it matter

You need to check QVL of compatible ram for your motherboard.
1.8v is the motherboard default ram voltage, check in bios to see if you have the option to change the ram voltage.
If you don't have the correct voltage for the ram you will run into booting problems
 

https://forums.techguy.org/threads/ram-volt-does-it-matter.645337/
Relevancy 36.55%

I built a new computer and here are the specs Motherboard i FTW edition by EVGA Nvidia nforce Intel Core Quad Q GX Video Card OCZ SLI Mhz RAM WD GB Hard Drive Sony DVD RW I download anything no what? matter Can't have installed a clean installation of Windows Vista Ultimate and installed all drivers or Windows found some and and then installed them ALL drivers are up Can't download anything no matter what? to date I can t download anything from the internet and my browser s Firefox and IE both show constant errors involving the encoding process of pages I can t even see some pages at all and it took refreshes to get this one to load If I download anything at all it says download corrupt or said program has stopped working I can use already installed programs and everything else seems to be fine I clean installed twice flashed the BIOS checked the RAM through memory tests as well as memory diagnostics Connected with and without routers Can't download anything no matter what? different cable modems different video cards different CPU s Can't download anything no matter what? and changed the RAM and slots different times I have searched high and low and it seems to be my motherboard but I can t get it to work no matter how hard I try Please someone help nbsp

A:Can't download anything no matter what?

I don't know your MB but if you got a set of 32 bit drivers as well as the 64 bit drivers, give the 32 bit drivers a spin. I think I read that someone found that effective .
 

https://forums.techguy.org/threads/cant-download-anything-no-matter-what.766633/
Relevancy 36.55%

Hi I have matter no loud CPU what Fan a custom computer I built and I m having real problems with how loud it had gotten Recently my friend gave me his old processor P GHz with HT and its running CPU Fan loud no matter what on my new mother board ASUS P CPU Fan loud no matter what NSLI and it has been running so loud that it keeps me up I have to open my window to let in degree air to slow the fan down There was one fan already in the case that was sucking air out on the panel side and i recently purchased another one to put in the back near the cpu to blow air in and it made about Zero difference and its putting a good amount of air in My heat sink is just a intel that came with the CPU The fan speeds run as follows at rpm when the CPU is C This is relatively quiet but still can easily tell that the computer is running but this is with the window open haha once i close the window the temp is still at C but it will run at rmp- rmp which is enough to wake me up note these temps are mostly unaffected by cpu usage when i run transcode for my converts an avi file into wmv as fast possible to play through media center If the window is open no sound and the cpu is under rather a heavy load but in the same respect if the window is closed and I m not even using my computer its like a highway in my room The Computer itself isn t in a confined area either it is out in the open in a place where air circulates easily So my though that was maybe i need to mess with the settings in BIOS since i have never really touched them in new computer Any suggestions on what to do whether it is through the BIOS or just how I placed the fans in the case thankyou nbsp

A:CPU Fan loud no matter what

You may be able to change the thresholds for temperature in the bios on whether it kicks the fan into high speed or not.

I'd also suggest taking that fan you put in the back of the case and reverse it so it blows air out, thats traditionally how its done, and makes more sense with the air dynamics inside a case. Fans on the side panels or the front typically blow air into the case, so I'd suggest doing that as well.

You can pull the heatsink off the processor (with the comp shut down of course) and clean it off with 99% Isopropyl alcohol and reapply some thermal paste. Artic Silver seems to be the consensus for doing that, but you can also get away with the thermal paste Radio Shack sells if you must.

A final thing you could do is get an aftermarket heatsink and fan that will run quieter and cool better.
 

http://www.techspot.com/community/topics/cpu-fan-loud-no-matter-what.68498/
Relevancy 36.55%

Hi i have done a search and not found the answer to my question so i hope someone can help me.

I have installed windows 7 to my main desktop computer and i got the 100 Mb partition, now i have installed win 7 to my laptop the drive was already partitioned on when i look at the drives i have not got the 100 Mb partition, after the search i did on this forum i see the reason i did not get the small partition is because the drive was already partitioned, and this is normal.

But my question is will the instalation work or like this or do i need to remove all the partitions and start again.

Hope someone can advise me.

A:Does it matter about the 100 MB partition

Hi sam49, Im assuming the laptop is booting? If so then you have nothing to worry about

For peace of mind though, please upload a screenshot of Disk Management (search for it in the Start Menu) and we will be able to tell you exactly what is going on.

http://www.sevenforums.com/installation-setup/153865-does-matter-about-100-mb-partition.html
Relevancy 36.55%

Have a wired network with a gigabyte lan card and a Netgear WNR3500 "N" router...will switching from 5 cat to 6 cat on the hardlines make any difference in home network performance..throughput...etc ??

Thanks...TR

A:Does it matter...5 0r 6 cat cable ?

  
Quote: Originally Posted by trinaz


Have a wired network with a gigabyte lan card and a Netgear WNR3500 "N" router...will switching from 5 cat to 6 cat on the hardlines make any difference in home network performance..throughput...etc ??

Thanks...TR



Cat 6 will give you better transfer speeds from computer to computer in your network. it will also auto sense devices. It wont make your internet any faster

Ken

http://www.sevenforums.com/network-sharing/99185-does-matter-5-0r-6-cat-cable.html
Relevancy 36.55%

i used to have dual boot windows vista and ubuntu and i got rid of ubuntu and the grub boot loader (by using vista recovery cd and using the command bootrec.exe /FixMbr) which i replaced with the vista boot loader from the recovery cd i made but for some reason i dont have BIOS anymore. at all. and when i press f9 to load my recovery partition it gives me the error
PXE E61 media test failure, check cable
PXE M0F exiting pxe ROM

then it loads windows vista and i cannot reformat my computer because of this. i really need to get this done as soon as possible i cannot express how grateful i would be to whoever can help me solve this problem. thankyou.
 

A:URGENT matter.

Vista and the boot-loader have nothing to do with BIOS.

Try a PS/2 keyboard if you are using USB.

You might try resetting CMOS. The machine is trying to boot from the network, possibly because it can't find any OS.
 

https://forums.techguy.org/threads/urgent-matter.823460/
Relevancy 36.55%

I know that with a cassette tape, when you go down to the fourth or fifth generation, you can really hear the difference. The sound gets quite muffulled.

But what about CD-Rs?

Can I go down four or five generations and still maintain the same sound quality. I know there are rumours that digital CD-Rs make exact copies, but I thought I'd ask the tech gang to make sure.

Thanks,

changintimes
 

Relevancy 36.55%

A friend of my mother's asked me to look at her computer as she was having issues with it Well I got everything back up and working and then did updates to Windows SP etc In the midst of installing some of these updates after SP my child yanked the power cord out of the wall and down I went When I went to reboot I was given the option of Safe Mode etc but selected to boot normally The XP logo came up and was fine but then it went to a black screen and STAYED there No white cursor nothing UGH So I went to boot again When given the same option I tried safe mode Well I didn't get a black screen but I got a string of DOS lines one after the other just sitting on the screen I mean line after line filled the screen The REALLY horrible part about this is there is no XP disc for this I asked my mother's friend about this and she claims that when she bought the computer from Wal-Mart HP it didn't come with any CDs I find that hard to believe but whatever SOOO now I have no XP NO won't MATTER boot WHAT! HELP! idea what to do XP won't boot NO MATTER WHAT! HELP! I mean I do have my own Dell EOM CD for XP but I can't use that to try and fix this can I It is just like NOTHING I do is working The computer is free of an virus activity spyware etc I took all of that out Help

A:XP won't boot NO MATTER WHAT! HELP!

Quote:




my child yanked the power cord out of the wall and down I went




i think you are going to have to take the side off and check for any loose connections. make sure if theres a video card that its seated properly .
if you have no success, unplug it and pop the battery out for at least 20 minutes to reset the cmos.
you might need to tweak the bios setup options afterwards.

goodluck and post back

http://www.techsupportforum.com/forums/f10/xp-wont-boot-no-matter-what-help-67299.html
Relevancy 36.55%

Hi Maybe someone could help me I am looking to go sli and am hoping to buy the same card to the one I have see my spec but I dont seem to if for card different matter get I SLI? Does it a be able to find a new one anywhere I like the card I have its a strong OC quite high out of the box in my opinion Does it matter if I get a different card for SLI? I can only find used ones and would to prefer to buy new I have been thinking of buying a gt as its basically the same card as far as I can tell Would the performance be a massive amount difference as its not the same model I know this card uses the same chip but every frame extra is going to Does it matter if I get a different card for SLI? help Would I get the same performance if the second card isn t identicial but say a slightly better model like the gtx Also does it matter as much if I change to a different brand I am currently using XFX Thanks nbsp

A:Does it matter if I get a different card for SLI?

I don't think it would matter too much... as long as you stay close to the video card specs
 

http://www.techspot.com/community/topics/does-it-matter-if-i-get-a-different-card-for-sli.120383/
Relevancy 36.55%

So I run my avg anti spyware and it always finds something or another I have them cleaned out my avast comes up clean and i still get pop ups i Solved: what ups matter pop Get do no I have ran a hjt log Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot Solved: Get pop ups no matter what i do mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Alwil Software Avast aswUpdSv exe C Program Files Alwil Software Avast ashServ exe C WINDOWS system spoolsv exe C Program Files Common Files LogiShrd LVMVFM LVPrcSrv exe C WINDOWS system Ati evxx exe C WINDOWS system ctfmon exe C WINDOWS Explorer EXE C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Files Grisoft AVG Anti-Spyware guard exe C Program Files BUFFALO Client Manager bwsvc bwsvc exe C Program Files Common Files LogiShrd LVCOMSER LVComSer exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C WINDOWS system svchost exe C Program Files HP HP Software Update HPWuSchd exe C Program Files Common Files LogiShrd LComMgr Communications Helper exe C Program Files Logitech QuickCam Quickcam exe C WINDOWS RTHDCPL EXE C Program Files Java jre bin jusched exe C PROGRA ALWILS Avast ashDisp exe C Program Files iTunes iTunesHelper exe C Program Files Logitech Desktop Messenger Program LogitechDesktopMessenger exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C Program Files Microsoft Location Finder LocationFinder exe C Program Files Alwil Software Avast ashMaiSv exe C PROGRA Magentic bin MgApp exe C Program Files Alwil Software Avast ashWebSv exe C Program Files HP Digital Imaging bin hpqtra exe C Program Files Logitech SetPoint SetPoint exe C Program Files Common Files LogiShrd LVCOMSER LVComSer exe C Program Files iPod bin iPodService exe C PROGRA INCRED bin ImApp exe C Program Files Common Files Logishrd LQCVFX COCIManager exe C Program Files Common Files Logishrd KHAL KHALMNPR EXE C PROGRA Yahoo MESSEN ymsgr tray exe C Program Files HP Digital Imaging bin hpqSTE exe C Program Files ATI Technologies ATI Control Panel atiptaxx exe c windows system hpsysdrv exe C Program Files Common Files Real Update OB realsched exe C PROGRA INCRED bin ImNotfy exe C Program Files Mozilla Firefox firefox exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Search URL http ie redirect hp com svs rdr TYPE amp tp iesearch amp locale EN US amp c amp bd PRESARIO amp pf desktop R - HKCU Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie defaults sb msgr http www yahoo com ext search search html R - HKCU Software Microsoft Internet Explorer Main Search Page http us rd yahoo com customize ie defaults sp msgr http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Search URL http us rd yahoo com customize ie defaults su msgr http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie defaults sb msgr http www yahoo com ext search search html R - HKLM Software Microsoft Internet Explorer Main Search Page http us rd yahoo com customize ie defaults sp msgr http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKCU Software Microsoft Internet Explorer SearchURL Default http us rd yahoo com customize ie defaults su msgr http www yahoo com O - BHO no name - D -C F - EFB- B - ECA - no file O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO Yahoo IE Services Button - BAB B B- BC- B - D - FC DE A - C Prog... Read more