Quantcast
Channel: Tech Support Guy - Virus & Other Malware Removal
Viewing all 4746 articles
Browse latest View live

Microsoft Works Spreadsheet files corrupt Cryptolocker

0
0
Have a laptop here that had the crypto locker virus, or a variant of it. Using Combofix this now appears to have gone and all traces have been removed from the registry, however when I try to open the spreadsheet files, .xlr, I get a message saying they are corrupt or not compatible with works. Is there any way to repair these files?

Nothing works when I try to click - please help!

0
0
My pic loads fine (Windows 7), but when I hover over an icon to click it, it highlights but nothing happens when I double-click. Nothing will open. The Ctr-Alt-Del works, but again once the screen is up I can't click anything. I also started the pic in safe mode and the exact same thing happens. If it is a virus how can I remove it if I can't click on anything? :(

UPDATE - It's not a virus, it was just the left button on my mouse not working!

Chinese malware Tencent invaded my IBM T40 laptop, MS Windows XP

0
0
Here is your SysInfo information: Tech Support Guy System Info Utility version 1.0.0.2 OS Version: Microsoft Windows XP Professional, Service Pack 3, 32 bit Processor: Intel(R) Pentium(R) M processor 1600MHz, x86 Family 6 Model 9 Stepping 5 Processor Count: 1 RAM: 1534 Mb Graphics Card: ATI MOBILITY RADEON 9000, 32 Mb Hard Drives: C: Total - 147929 MB, Free - 4270 MB; Motherboard: IBM, 2373NG3 Antivirus: 电脑管家系统防护, Updated: Yes, On-Demand Scanner: Enabled I actually use Symantec Endpoint Protection antivirus, but it was unable to recognize an infected .exe file claiming it was clean. Antivirus is still working and does not report any threat! ;) But it seams the Chinese malware is already controlling its behavior. The pop-ups constantly promote something in Chinese, showing mostly images of automatic weaponry (probably Kalashnikov). The Program Files directory contains now a Tencent directory, which includes QQPCMgr with some more subdirectories. I was only able first to delete some of the contents, probably not vitally important files. All other content seems to be very well protected. I am unable to terminate the corresponding processes in the Task Manager nor uninstall the related program with Chinese name. I was also unable to perform System Restore - the system claims its inability to do so. I even could not start windows in Safe Mode. I tried to use SpyHunter, but also with negative results: any attempt to block any of the running malicious programs resulted in an instant crash of Windows. Of cause there are numerous problems with the system... Do I have yet any options to clean my system? Please help!

Computer automatically installs unwanted software (Moved from Windows 7 forum)

0
0
stephq,
Whenever you install pirated software, especially using torrents, you will get a lot of unwanted adware, and maybe worse.
The purveyor can own your machine, and the undesired behavior may continue.
A lot of this probably came in when you installed the unauthorized copy of Adobe CS.
I would advise you to remove it, but in any case, I am not helping with any associated issues.

The following needs to be installed to replace the older Reader, because the older version is vulnerable to known hacks.
--------------------------------------------------------
Download and Install the newest version of Adobe Reader for reading pdf files
There are security vulnerabilities in earlier versions of both Reader and Acrobat Pro. All versions numbered lower than 11.0.10 are vulnerable.
Go HERE to download the Installer AdbeRdr11010_en_US.exe .
Save the file to your desktop and run it to install the latest version of Adobe Reader.
Always be careful to UNCHECK any offer for toolbars, helpers or other "partner" Free programs
After the new Reader is installed, Open Adobe Reader XI, as it is called, and OK the license.
Click on Edit and select Preferences.
On the Left, click on the Javascript category and Uncheck Enable Acrobat Javascript.
Click on the Security (Enhanced) category
Uncheck Automatically trust sites from my Win OS security zones, and under Protected View, click on Files from potentially unsafe locations.
Click on the Trust Manager category and Uncheck Allow opening of non-PDF file attachments with external applications.
Click the OK button
When it asks if you are sure you want to make changes to Advanced Security Preferences, answer Yes.
When it finishes, you can remove the Installer from your desktop.

You can tell me how the machine i's running.
askey127

What is nginx and is it dangerous.

0
0
I turned on my computer about an hour or so ago and opened up chrome and I see a page that says "nginx error". I've never heard of nginx before and I'm wondering what it is and what should I do because from what I've seen online it doesn't look friendly.

ctfmon.exe- Bad Image

0
0
Download attached fixlist.txt file and save it to your downloads folder.

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

Attached Files
File Type: txt fixlist.txt (4.1 KB)

TR/trash.gen and system restore

0
0
Hi everyone,

Avira found a virus on my system recovery (D) Drive. The virus is called TR/trash.gen. I sent the file to avira and they verified that it was indeed malware. I have never had any issues with security breaches or issues with the computer Other than in the past I have noticed what seemed to be excessive CPU usage at times. I did a threat scan with malwarebytes, a malware scan with emisoft antimalware, a quick scan with the bitdefneder addon in Firefox, and a quick scan with Avira and all came back clean. I am going to do a full avira scan with the cloud protection enabled as well.

I do not feel my system has been compromised, but it would be nice to dig little further and know for sure. Any info on this virus would be appreciated.

My main concern now is that I cannot seem to delete the system restore points. I turned off system restore, but when I right click on the D drive and view it's properties, it says 8 GB is being used. Nothing changes when turning off sytem restore and restarting the computer. I don't know if this is becasue of the virus, or becasue Avira pulled the infected files off system restore to quarentene them. I have since deleted the infected files.

How can I delete the system restore files, recvover as much space on the D drive as possible, and start over with all new system restore points ? I used to do this by simply turning off sytem restore and turning it back on.

Is there a fairly quick way I can be fairly confident that this thing is off of my computer and the computer is most likely clean ?

Thanks,
John

Info Utility version 1.0.0.2
OS Version: Microsoft Windows XP Professional, Service Pack 3, 32 bit
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 3800+, x86 Family 15 Model 43 Stepping 1
Processor Count: 2
RAM: 3006 Mb
Graphics Card: NVIDIA GeForce 6150 LE, 256 Mb
Hard Drives: C: Total - 296227 MB, Free - 49529 MB; D: Total - 8996 MB, Free - 777 MB;
Motherboard: ASUSTek Computer INC., NAGAMI2
Antivirus: Avira Antivirus, Updated: Yes, On-Demand Scanner: Enabled

Suspect virus

0
0
Hi
I use Windows 7 64bit OS and downloaded some Autodesk files. SInce then, my computer has been randomly disconnecting from the internet. I get ip address change errors, also network problems - my Local Area Connection says a network cable is unplugged - basically, my entire system is a mess. Please help me. I don't know what I need to send to you, or even how.

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 6:50:56 PM, on 12/07/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)

FIREFOX: 38.0.5 (x86 en-US)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\Notably Good Ltd\Affixa\AffixaTray.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Users\Lynda\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
C:\Users\Lynda\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Users\Lynda\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Lynda\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AffixaPersonalSettings] "C:\Program Files (x86)\Notably Good Ltd\Affixa\AffixaHandler.exe" /APPLYPERSONAL
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
O4 - HKLM\..\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [BrHelp] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN
O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office14\GROOVEMN.EXE
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Lynda\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Affixa] C:\Program Files (x86)\Notably Good Ltd\Affixa\AffixaTray.exe
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Lynda\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-852268688-2186595755-3357185040-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-852268688-2186595755-3357185040-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Send to OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Aztec Riches Casino - {133767E3-541B-4F07-AFEE-A22189526ADD} - C:\Microgaming\Casino\Aztec Riches\casinogame.exe (HKCU)
O9 - Extra button: Red Flush - {1824B1F3-11FB-4663-8D15-5EC08D26824F} - C:\Microgaming\Casino\RedFlush\casinogame.exe (HKCU)
O9 - Extra button: Players Palace - {1DB7195B-7D6D-48EB-A5B3-C3B6A356425D} - C:\Microgaming\Casino\PlayersPalace\casinogame.exe (HKCU)
O9 - Extra button: Nostalgia Casino - {53425955-270E-4C94-A3A7-E130A3632FDD} - C:\Microgaming\Casino\Nostalgia\casinogame.exe (HKCU)
O9 - Extra button: Yukon Gold - {5CC8B214-247B-4E6D-9D9C-91FF2C01928B} - C:\Microgaming\Casino\yukongold\casinogame.exe (HKCU)
O9 - Extra button: Vegas Palms Online Casino - {6D764F60-B124-4830-A530-190BFB034125} - C:\Microgaming\Casino\vegaspalms\casinogame.exe (HKCU)
O9 - Extra button: River Belle Online Casino - {7F729741-BE43-4259-BC85-3923D7EF9B30} - C:\Microgaming\Casino\riverbelle\casinogame.exe (HKCU)
O9 - Extra button: Phoenician Casino - {8DF95E97-7088-4143-A200-E5EDBE7A8AB5} - C:\Microgaming\Casino\phoenician\casinogame.exe (HKCU)
O9 - Extra button: InterCasino USD - {909AAEB6-C2CB-4AB5-A7BB-C33B72AB4BFB} - http://www.intercasino.com/?utm_sour..._campaign=home (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: InterCasino USD - {909AAEB6-C2CB-4AB5-A7BB-C33B72AB4BFB} - http://www.intercasino.com/?utm_sour..._campaign=home (file missing) (HKCU)
O9 - Extra button: 32Red Casino - {A1EAEF4E-0E18-4603-B4A2-CB18822F4AAB} - C:\Microgaming\Casino\32red\casinogame.exe (HKCU)
O9 - Extra button: Grand Mondial - {A89800AA-087B-4AF8-B8EB-D8C0C7DAC82A} - C:\Microgaming\Casino\grandmonaco\casinogame.exe (HKCU)
O9 - Extra button: UK Casino Club - {C2BCA2AF-2B28-49B1-9E4E-9C7339A41B3C} - C:\Microgaming\Casino\ukcasinoclub\casinogame.exe (HKCU)
O9 - Extra button: Casino La Vida - {C2E7EA8B-4A5D-4EC2-8BC1-21F43E139CD9} - C:\Microgaming\Casino\casinolavida\casinogame.exe (HKCU)
O9 - Extra button: Zodiac Casino - {D16C8C68-AD13-4B76-B708-1988BAAF1FB5} - C:\Microgaming\Casino\Zodiac\casinogame.exe (HKCU)
O9 - Extra button: Royal Vegas - {D7C1E539-3F0C-47CB-9DEA-D1B9C93D0203} - C:\Microgaming\Casino\royalvegas\casinogame.exe (HKCU)
O9 - Extra button: Casino Share - {E94015B2-6F24-4278-B642-29FEAF3D8236} - C:\Microgaming\Casino\Casino Share\casinogame.exe (HKCU)
O9 - Extra button: Challenge Casino - {FE92E2DC-805E-4E34-AC5E-DD188A612A7C} - C:\Microgaming\Casino\challengev2\casinogame.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16889 bytes

Can not find script??

0
0
Step 1
Click on this link to download : ADWCleaner Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop. Do not click on any links in the top Advert.

See the screenshot where the proper download buttons are highlighted


NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

Close your browser and double click on this icon on your desktop:



You will then see the screen below, click on the Scan button (as indicated), accept any prompts that appear and allow it to run, it may take several minutes to complete, when it is done, you will get a message saying "PENDING" , Ignore that & click on the Clean button, accept any prompts that appear and allow the system to reboot. You will then be presented with the report, Copy & Paste it into your next post.
Please note: the newer versions of Adwcleaner have a pretty colour display on some versions of windows and slightly different icons. The screenshots are from the older version but are basically the same

Trojan blacklisted anti-malware sites

0
0
lease download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to download and run the Appropriate version for your system version
  • Right click to run as administrator. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

CrushArcade virus, maybe others

0
0
Step 1
Click on this link to download : ADWCleaner Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop. Do not click on any links in the top Advert.

See the screenshot where the proper download buttons are highlighted


NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

Close your browser and double click on this icon on your desktop:



You will then see the screen below, click on the Scan button (as indicated), accept any prompts that appear and allow it to run, it may take several minutes to complete, when it is done, you will get a message saying "PENDING" , Ignore that & click on the Clean button, accept any prompts that appear and allow the system to reboot. You will then be presented with the report, Copy & Paste it into your next post.
Please note: the newer versions of Adwcleaner have a pretty colour display on some versions of windows and slightly different icons. The screenshots are from the older version but are basically the same

Need help to remove MALWARE, ADWARE, PUPS and PUMs

0
0
There shouldn't be any pop ups on this site but guests will see more adverts than members

Next step


Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to download and run the 64 bit version
  • Right click to run as administrator. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Possible Cross Site Scripting, Javascript Injection Removal?

0
0
On looking more closely, I am even more confused and am moving back to malware rather than web design

It is likely that you downloaded an addon for one of your browsers that is malicious
probably one of the shopping discount or coupons addons

first step

Click on this link to download : ADWCleaner Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop. Do not click on any links in the top Advert.

See the screenshot where the proper download buttons are highlighted


NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

Close your browser and double click on this icon on your desktop:



You will then see the screen below, click on the Scan button (as indicated), accept any prompts that appear and allow it to run, it may take several minutes to complete, when it is done, you will get a message saying "PENDING" , Ignore that & click on the Clean button, accept any prompts that appear and allow the system to reboot. You will then be presented with the report, Copy & Paste it into your next post.
Please note: the newer versions of Adwcleaner have a pretty colour display on some versions of windows and slightly different icons. The screenshots are from the older version but are basically the same

Dell Laptop Issue: Can't connect to internet :(

0
0
Hi tooti. My name is Firefly and I will help you with your computer. I ask you to follow a few ground rules while we are taking care of your computer:

I'm an Undergraduate trainee at MalwareRemovalUniversity (MRU), and as such my posts to you have to first be checked by a Teacher, because of this my replies to your posts may be slightly delayed. Please be patient and I'm sure we'll be able to resolve your problems.

Before we begin...please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT make any changes to your system, or run any tools other than those I provided. Do not delete, fix, uninstall, or install anything unless I tell you to.
  4. Only- post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  5. Print each set of instructions...if possible...your Internet connection will not be available during some fix processes.
  6. Only- reply to this thread, do not start another ... Please, continue responding, until I give you the "All Clean". If you are in progress at another forum, please simply let me know so I can dedicate my time to others who need help.
  7. Failure to respond for 3 days, will result in your topic being closed.

Please take time to read the Forum Guidelines and Rules where the conditions for receiving help at this forum are explained.

Warning!
The steps presented in these posts are for this person and machine ONLY. Do not apply these steps to your own system, without the guidance of a trained malware removal helper. Doing so, may possibly damage your system, preventing it from starting.


Malware removal:
Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.


File Backup

For your safety and protection, I would advise backing up all your important documents, personal data files and photos as some infections may render your computer unbootable during or before the disinfection process. The safest practice is not to backup any files with the following file extensions:
exe, .scr, .ini, .htm, .html, .php, .asp, .xml, .zip, .rar, .cab as they may be infected.

All of the Windows systems we support have backup capabilities. These existing programs will allow you to back up your files to an external hard drive, USB drive or CD drive.

Do not back up your files to the hard drive of the computer we will be fixing. If the computer becomes unusable, your files will still be gone forever. Every photo, every document… gone. Seriously. Do this now.

Here are links to using the backup programs in the various versions of Windows:

If you have internet connectivity, an alternative to backing your files up locally is to back your files up to the cloud, and there are a number of free and paid for services of this type available.

Below are links to a couple of articles with details for both free and paid for backup services ...

http://www.techsupportalert.com/content ... -sites.htm
http://www.pcmag.com/article2/0,2817,22 ... 745,00.asp

A word of warning - if you have a lot of data to backup, an online service can take days, weeks, or months. In this case, please consider using a local backup method (external hard drive, USB, etc.)

One way or another, it is critical that you backup your data before proceeding.


Finally, there will be several items to handle in each post (usually) so I will try to break them into easier to digest sections which will be demarked with Green Bold Lettering


Restore Point

First, before we do anything, we want to make sure we have made a backup of your computer's key information so that we can be sure to not make anything worse. Since I don’t know the OS you have, we will both make a restore point and do a system backup. If you are running Windows XP, please STOP and post back for different instructions. The items outlined below will NOT work.

To create a restore point: (win 7)
1. click on the Start button to open your Start Menu. Then
2. click on the Control Panel, then the System icon, and then finally click on System Protection in the left-hand task list. You will now be at the System Protection tab in the System control panel.
3. At the bottom of the window you will see a button called "create". A window will pop open allowing you to name this restore point - please name this "before malware fix".
4. You can then close the System window.

To create a restore point: (Win 8 )
1. Press the WinKey+X to display the system menu and click System.
2. On the left side menu, click System Protection.
3. In the Protection Settings section, click the C: (system) drive.
4. Click the Create button.
5. Type a name for the System Restore file (The Date and Time will be added automatically). Please call it “before malware fix”

Please also do the following:
Please download tweaking.com_registry_backup_setup.exe
Choose a download site for the installer... download and save it to your desktop. Do not click on the big green button at the top - this is an advertisement. Click on one of the yellow links under the word "installer" further down on the page
Double click on the "...setup.exe" program and install the program. Let the install use the default installation. How to tutorial here.

Once the program is installed...
  1. Double click the Tweaking.com Registry Backup icon ... on your Desktop to open the program.
  2. It should open with the Backup Registry tab selected and all file options checked. Check any that are not already checked.
  3. Click on Backup Now to create a backup of your Registry.
    You'll see "Waiting for Volume Shadow Copy snapshot..." this may take a few moments, just be patient.
  4. When completed you should see a message saying something like ... Successful ??/?? Registry Files Backed Up ... ?? is total number of files, both numbers should match.
  5. Close and exit the program.

Once these are done, we can move forward with repairing the issues you are having. PLEASE DO NOT PROCEED IF YOU HAVE ANY PROBLEMS WITH THESE FIRST TWO STEPS OR IF YOU RECEIVED ANY ERROR MESSAGES.


FRST Scan

Please download FRST ... by Farbar, from the link below and save it to your Desktop. Please be sure to use the version appropriate for your operating system.

For 32 bit Systems

For 64 bit Systems

How to determine whether a computer is running a 32-bit version or 64-bit version of the Windows operating system: Start --> Computer (right click) --> Properties (left click) --> about halfway down the screen, your will see a line "System Type" which will say either 32-bit Operating System or 64-bit Operating System. Be sure to use the appropriate program, although you CANNOT damage you system if you choose the wrong one.
  • Right-click FRST.exe and select " Run as administrator " to run it.
  • When the tool opens click Yes to the disclaimer.
  • Press Scan button. ... When finished a log will be created, FRST.txt.
  • Please post the content of the FRST.txt in your next reply.
  • The first time the tool is run, it will create another log... Addition.txt.
  • Please post the content of the Addition.txt in your next reply.


Next Steps

1. Confirm you were able to make backups, restore points, and use TCRB
2. Post FRST.txt
3. Post addition.txt

Super Slow Computer and Unresponsive Plugins

0
0
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Professional, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM)2 CPU 6700 @ 2.66GHz, Intel64 Family 6 Model 15 Stepping 6
Processor Count: 2
RAM: 2037 Mb
Graphics Card: Intel(R) Q965/Q963 Express Chipset Family, 9 Mb
Hard Drives: C: Total - 305142 MB, Free - 200912 MB;
Motherboard: Dell Inc., 0MM599
Antivirus: avast! Antivirus, Updated and Enabled

Hello :)

My computer is quite slow and "freezes" often when we use it. Sometimes a MS Word document will take many minutes to open. Firefox is our preferred browser but we often get a warning "unresponsive plugin shockwave flash may be busy" or "unresponsive script".

So far, I have deleted many large files, cleared cookies and history. I also ran CCleaner, Malwarebytes Anti-malware, Avast and I defragged.

It's an older computer, but we're hoping to get it functioning better until we can afford a newfangled device.

Thanks in advance!

sweet-page issue

0
0
Hi britts,
Let's find the adware to start.
-------------------------------------------------------------
AdwCleaner Download and Run
Download AdwCleaner and save it to your desktop or somewhere you can find it.
Take care NOT to click on any ad, like from PC Optimizer Pro. The correct link is the button labeled "Download from Bleeping Computer".
NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

Close your browser and double click the AdwCleaner icon on your desktop.
  • Click on the Scan button, accept any prompts that appear, and allow it to run.
    It may take several minutes to complete.
  • When it is done, the Scan button will be dim down, and it will wait for you to make any exceptions to its suggested removals. Don't make any exceptions or uncheck anything
  • Click on the Cleaning button, accept any prompts that appear, and allow the system to Reboot.
  • You will then be presented with the report. Copy & Paste it into a reply here.
  • If you lose track of the log, it is saved in this folder C:\AdwCleaner\
    The filename will be adwcleaner[xx].txt, where [xx] will be S1, or S2, etc. whichever filename is newest.
-----------------------------------------------------------
Download and Run the Farbar Scan Tool
  • Download FRST64 and save to your Desktop.
  • Double click Frst64.exe to launch it.
  • FRST64 will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press the Scan button.
    • When finished scanning, 2 logs will open on your Desktop, FRST.txt and Addition.txt
    • Please post them in your next reply.
If you lose track of them, they will be saved in the same location as FRST64.exe
Feel free to use separate replies if it's more convenient.

So we are looking for the report from AdwCleaner, and the two logs from FRST64.
If you have problems with any of the instructions, let me know.

askey127

Help with google searching

0
0
thanks I will try this

PC running slow - getting worse each day

0
0
fix log

Fix result of Farbar Recovery Scan Tool (x64) Version:13-07-2015
Ran by Jay at 2015-07-15 09:05:29 Run:2
Running from C:\Users\Jay\Desktop
Loaded Profiles: Jay (Available Profiles: Jay & Non Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TobuActivation.exe [529256 2009-08-10] (Toshiba)
HKU\S-1-5-21-4003833561-3746637655-2905894842-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-11-12] (Google Inc.)
HKU\S-1-5-21-4003833561-3746637655-2905894842-1001\...\Run: [Google Update] => C:\Users\Jay\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-19] (Google Inc.)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\tray.exe"
CHR HKLM-x32\...\Chrome\Extension: [aaaaojmikegpiepcfdkkjaplodkpfmlo] - C:\Users\Jay\AppData\Local\APN\GoogleCRXs\apnorjtoolbar.crx [Not Found]
R2 sprtsvc_ddoctorv2; C:\Program Files (x86)\Comcast\Desktop Doctor\bin\sprtsvc.exe [202560 2008-04-24] (SupportSoft, Inc.)
C:\Program Files (x86)\Comcast\Desktop Doctor
S0 Lbd; system32\DRIVERS\Lbd.sys [X]


*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\NortonOnlin eBackupReminder => value removed successfully
HKU\S-1-5-21-4003833561-3746637655-2905894842-1001\Software\Microsoft\Windows\CurrentVersion\Run\\swg => value removed successfully
HKU\S-1-5-21-4003833561-3746637655-2905894842-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => value removed successfully
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\GarminExpressTrayApp => value removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjapl odkpfmlo => key not found.
sprtsvc_ddoctorv2 => Service removed successfully
C:\Program Files (x86)\Comcast\Desktop Doctor => moved successfully.
Lbd => Service removed successfully


The system needed a reboot..

==== End of Fixlog 09:06:06 ====

Bad Image Error on Windows Vista – Please Help!

0
0
Hello everybody,

My computer has fell victim to the bad image error problem, which seems to be a pretty common problems. I've tried numerous different things to get rid of it, but whatever it is will just not go away on my computer. I've tried numerous different antivirus software, I switched from Norton antivirus to Kaspersky Internet Security, used MalwareBytes numerous times, and plenty of other things, but I haven't been able to get rid of it.

It shows up with anything I open. Anything from Google chrome, Internet Explorer, Notepad, Outlook, Firefox, CCleaner, Windows Sniping Tool, to probably anything else you can think of. It also show up many times at start up where it says setup.exe or startup.exe. Essentially, whatever program you can think of, it's likely causing this to show up. I've tried targeting specific things or uninstalling specific things, but so far this has not worked.

So I come to you guys here hoping for some sort of solution to this because everything I've tried so far hasn't worked.


I recently tried what is outlined in this old thread: http://forums.techguy.org/windows-vi...r-windows.html

As you can see from the post it instructs you to run something with registry editor, but that didn't work so then I downloaded HijackThis and did what the guy in that post instructed. When looking for this entry from HijackThis found:

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL

I didn't find it. Apparently my computer doesn't have it, so I obviously couldn't fix it or get rid of it, and I still have this bad image error running rampant everywhere.

Here is the log that HijackThis gave me if that helps:

C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrec ordplugin.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {93BC2EA7-2F17-4729-948A-D2E03FFB2412} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: Safe Money Plugin - {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\ccleaner.exe" /MONITOR
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Virtual Keyboard - {5547CE1F-74E9-41E5-9CBF-5211ECC37341} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/...x/qtplugin.cab
O16 - DPF: {068BFA33-99F4-4BA9-887D-182386FA2931} (CPlayFirstDinerDashControl Object) - http://download.playfirst.com/play/g...b.1.0.0.17.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/Driver...reqlab_nvd.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} (CPlayFirstddfotgControl Object) - http://download.playfirst.com/play/g...g.1.0.0.32.cab
O16 - DPF: {C49134CC-B5EF-458C-A442-E8DFE7B4645F} (YYGInstantPlay Control) - http://www.yoyogames.com/downloads/activex/YoYo.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://download.playfirst.com/play/g...utLauncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://www.shockwave.com/content/ins...loader_v10.cab
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus Service 15.0.2 (AVP15.0.2) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\Windows\SYSTEM32\crypserv.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 8754 bytes



I have a Dell Dimension DIME521 running Windows Vista SP2. What can I do to get rid of this and clean up my computer? Thanks for any help that you can give me.

My computer is acting really funny.

0
0
I have a windows 8 Toshiba Satilite laptop that is acting really weird. I am currently using my sister's laptop because of this. Anyway, Firstly, none of my internet browsers are opening up when I click on them. I have been clicking on them and waiting for a long time. Something similar happened to before, but it was only Chrome that wasn't opening. So back then. I downloaded "Adwcleaner" and I scanned my computer and I was able to open Chrome again. Now Adwcleaner won't open either and neither are my settings, where I can go into safe mode. Also, when I booted up my computer just now, I pressed all the F keys to see if I could get the special menu screens but nothing came up. So my laptop is basically useless. The only thing it can open up is one anti-virus program, Malwarebytes Anit-malware, which I scanned and it detected nothing. I don\t know what to do now. Help!
Viewing all 4746 articles
Browse latest View live




Latest Images