The BullGuard products and services are part of NortonLifeLock Inc., a global leader in consumer Cyber Safety with a portofolio of brands including Norton, Avira and more. Learn more at

Back Door Trjoan, Seeking Advice on how to get Rid of it

Posted 6/11/2009 11:37 AM
User avatar

maxP8 Valued member

Date Joined Nov 2016
Total Posts: 13
i have just noticed this forum and hope it can help me, if possible. My Antivirus "Avg" as alerted me that my computer as a "Trojan Horse, Back Door Generic 11.TDY" Path to file C Windows/System32/iGFXCFGEXE.

My computer is Windows Xp, it was Updated to Xp2, at the moment when i start the computer up it says the following - " Hard Disc" Status Bad, Failure Iminent, back up reccomended". Then press F2 to continue. It as said this for the past 2weeks and logs in as normal after i have pressed F2, though it is only this last week that Avg as alerted me i have "The Trojan". Please could you advise me on how to get Rid of the Trojan, i also have Ccleaner. I would be Gratefull of any Advice. Thankyou. Missy.

Ps. Do i Really need to get a New Hard Drive?
Posted 6/11/2009 11:57 AM
User avatar

Jintan Advanced member

Date Joined Nov 2016
Total Posts: 1049
Hello maxP8,

In 2006 AVG had some scan setting errors, and was mistaking the legitimate Intel C:\WINDOWS\system32\igfxcfg.exe file by that same infection name. And I see in a few other web search finds it is doing it again. Very likely what is called a "false positive" error. If you haven't yet, perhaps if you update AVG and check they will have already corrected the error.

As for the other error, I do not recognize the error wording or what might create that. Most standard Windows error message related to hard drive problems are well known by the wording they use, and what you posted does not match any of those. What is saying you have those hard drive problems - is there some title at the top of the message that indicates that?
Posted 6/11/2009 2:09 PM
User avatar

DY Member

Date Joined Nov 2016
Total Posts: 1
Logfile of HijackThis v1.99.1
Scan saved at 9:59:43 PM, on 6/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18372)
Running processes:
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\Program Files\AirPort\APAgent.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\EnGenius\Common\RaUI.exe
C:\Program Files\Azureus\Azureus.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\User\LOCALS~1\Temp\Temporary Directory 1 for\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride =;*.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [basicsmssmenu] "C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [AirPort Base Station Agent] "C:\Program Files\AirPort\APAgent.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RavAV] C:\WINDOWS\RavMonE.exe
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: EnGenius Wireless Utility.lnk = C:\Program Files\EnGenius\Common\RaUI.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
O16 - DPF: {20C2C286-BDE8-441B-B73D-AFA22D914DA5} -
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: Antiwpa - C:\WINDOWS\SYSTEM32\antiwpa.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Basics Service - Seagate Technology LLC - C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
Posted 6/11/2009 3:06 PM
User avatar

Jintan Advanced member

Date Joined Nov 2016
Total Posts: 1049
Hello DY. Please click the New Topic button at the top left of the Removal Help forum page
here and start your own request. That will allow maxP8 to continue with their own issues here without distraction. Thanks.
Posted 6/12/2009 3:21 PM
User avatar

maxP8 Valued member

Date Joined Nov 2016
Total Posts: 13
Hey Jintan. Thankyou so much for Replying to my post. Im sure Avg is all Updated but, i will double check this, i got "Norton" the other day - " A Proper One", Should i put this onto my Pc? and of course take away Avg? Would this be better for my Pc, as the Avg is a free version? The mesage what appears when i turn my pc on, i shall write down what it displays and come back to you telling you in full what it is saying, Thankyou. B4 it said "Hard Disk Status bad" it used to now and again have a Start up problem, it would say the following -" Windows Aplogieses for the Inconvenience" , due to power cut, or change in hard drive, or software, how do you choose to start windows - Normally, Last known start up point etc. It used to do this now and again and it would take about 5-8 Attempts b4 it went to the "white arrow", since i have got this message about the hard drive it asnt done that and straight after i press F2 it loads. Sorry, i hope i havnt overloaded you here. I Thankyou again for you help, i shall write down what the computer actually displays now about the hard disk. Thankyou again. Maxp8.
Posted 6/12/2009 3:39 PM
User avatar

maxP8 Valued member

Date Joined Nov 2016
Total Posts: 13
Hey Again Jintin. Okay i had a look and its just a black screen with white writing, at the start it just displays the name of the driver and the computer make and then the names Primary master,Primary Slave with the Details of them. After all that information it then says the following..

Primary Master Hard Disk S.M.A.R.T Status. Bad.

Warning. Imediate back up data and Replace.

Your Hard Disk Drive. Failure may be Iminent.

Press F2 to Continue.

F10 System Recovery.

Thats all it says. Any Advice is Gratefull on this matter,Thankyou So much again. Maxp8.
Posted 6/12/2009 8:15 PM
User avatar

Jintan Advanced member

Date Joined Nov 2016
Total Posts: 1049
Darn, that is an indicator of a failing Hard Drive, regardless of the other AVG alert issue. S.M.A.R.T. is a drive self-check program, and there it is reading something about the drive that is failing it's self-testing. If you press F2 do you get a normal bootup, or is this now stuck only at that screen? There are some unique methods you can use to offload info when a drive has failed, but before I start doing any suggesting let me know if you can get into Windows still please.
Posted 6/12/2009 10:42 PM
User avatar

maxP8 Valued member

Date Joined Nov 2016
Total Posts: 13
Hey Jintin. Thankyou for Replying to my post. Yes after the Initial warning, once i press F2 my computer loads up as normal. Would i be best getting a New hard Drive? Or can this be Mended. I got Quoted £38. for a 88Gb hard drive, from a computer shop that sells all the stuff as Pc World does but its cheaper as it doesnt provide the fancy packaging. Il wait untill i see your reply to decide what to do about it.
One more Question. It as been like this, the Warning message for about 2weeks now, would you have some sort of Guess as to how much longer it will last b4 i cant load up please. Thanks again for Replying, i never new this site exsisted and think its brillient how you help people. Thankyou. Il call back again to see what your Verdict is. Maxp8.
Posted 6/12/2009 11:13 PM
User avatar

Jintan Advanced member

Date Joined Nov 2016
Total Posts: 1049
If you post the brand name of the drive I can locate a file you can download to test the drive, more than likely. Without knowing just what the Smart alert is for it would really be difficult to guess at time issues. But if you do have a lot of personal data you don't want to chance losing you really should consider getting a new drive.

I am in the US, so my knowledge of prices is tied to that area. But for me, £38 (maybe about $62 USD) is okay, but perhaps not really necessary paying so much. Here is a vendor I use - not to promote one over another, but they ship for free, which is very important when dealing with online purchases (they add costs in the shipping). So if you do local searches for GB online vendors I bet you can find an equivalent one. Those drives I link to, and assuming you have an IDE drive (the fat, flat usually silver cable) are "white label", so can be well known brand names but unbranded as a discontinued item - one 80 Gb one there for the equivalent of maybe £17.
Posted 6/13/2009 8:56 AM
User avatar

maxP8 Valued member

Date Joined Nov 2016
Total Posts: 13
Hey Jintin. Thanks for Replying again and helping me with this matter. Okay the Brand is.

Its a Hewlitt Packard Computer.

Phonenix Award Bios ( An Energy Star Allly) - ( didnt no if you needed this, but just to get it right for you).

Primary Master - Maxtor

Primary Slave - None

Secondary Master - dvd rom

Secondary Slave - Samsung CD-R/RW

I dont think you needed all of this but, i just wanted to make sure you had the information you need. Thankyou again.

Oh and on the Date Side, No i dont have Data i need to worry about loosing really, just music which i can store again.

Do hard drives just go through Wear and Tear? Though the last time i replaced a hard drive was 3years ago, i was wondering how long they are meant to last about.

Sorry for all the Questions, i just want to get this sorted out, i keep expecting it to just fail on me, im suprised it as lasted this long from when i first got the warning.

Thankyou again. Maxp8.

Ps. Any Help/Advice is Appreciated.
Posted 6/13/2009 11:56 AM
User avatar

Jintan Advanced member

Date Joined Nov 2016
Total Posts: 1049
That seems way to short a time to be needing another drive replacement, though the last few drives I have come across that completely failed did happen to be Maxtor. Maxtor was bought up by Seagate, so the diagnostic Seatools for Windows can be downloaded here. It does require you have Microsoft .NET Framework v2.0 installed to use. I have not tried this latest version of Seatools but it usually is self-explanatory to use - if I get time later today I might give it a test run myself.

DY, if you are still monitoring this thread your system has a messy autorun worm infection, so be sure to start a request thread to get that cleaned up.
Posted 6/13/2009 12:34 PM
User avatar

maxP8 Valued member

Date Joined Nov 2016
Total Posts: 13
Hey Jintin.
Thanks, yes i defiantely didnt expect to be needing a new hard drive after only 3years, its not like i "Hammer" it so to speak, i dont even download lol, so i wouldnt like to think i have to get a hard drive every 3years. My computer is 6years old if that means anything.

Can i ask you, should i put the "Norton" on to my computer, my brother bought it for his but, it says it can be used on up to 3 computers and i wondered if this would be better.

Avg as the "Trojan" in its Virus Vault, should i Delete it? Or leave it in the Vault?

Thankyou for your time, il pop back again to see what you suggest.

Will it be new hard drive or not, ahhh lol.

Posted 6/13/2009 4:14 PM
User avatar

Jintan Advanced member

Date Joined Nov 2016
Total Posts: 1049
The file you first indicated was removed by AVG was a legit file, so can be returned from it's quarantine. You can double-check immediately after that by disabling your antivirus program and going [URL=""]here[/URL] and run an online scan using ESET Online Scanner (you will need to use Internet Explorer for this scan). If you accept the Terms of Use, check the box and click Start. After the ActiveX Control has loaded, it will take a couple minutes for the scanner to get ready. Next, check the following boxes:

Remove found threats
Scan unwanted applications

Click Start. This scan may take a while, so please be patient. Eset locates and also removes malware, but this can also serve as a check against what AVG is finding. A log may open when the scan is complete (if not, go to C:\Program Files\EsetOnlineScanner\ and open the file log.txt). Click Edit - Select All then copy/paste that log back here.

Among the well known AV softwares the final choices really are those of the user. If your Brother finds the install of Norton to work well on his system, and it is already a paid-for copy, then that would seem like a good choice.
Posted 6/15/2009 4:02 PM
User avatar

maxP8 Valued member

Date Joined Nov 2016
Total Posts: 13
Hey Jintin, thankyou, i will follow your instructions. With any other computer issues, do i start a new thread? Or do i post on this one?
THankyou again. Maxp8.
Posted 6/15/2009 4:09 PM
User avatar

maxP8 Valued member

Date Joined Nov 2016
Total Posts: 13
Hey again Jintin.
I just wanted to ask you, is my computer okay to use while that Warning message about the hard drive is still there when it first gets turned on? Its been a good 3 weeks now since it first appeared and its starting up okay, i keep expecting it to fail on me but, for now its working. Tks.
Posted 6/15/2009 4:12 PM
User avatar

Jintan Advanced member

Date Joined Nov 2016
Total Posts: 1049
Glad to be of assistance. For any current issues involving this computer you can discuss them in this current thread. Though non-malware issues are likely more realistically addressed in forums with general computer help forums, like this one. Your choice either way.
Posted 6/15/2009 4:28 PM
User avatar

maxP8 Valued member

Date Joined Nov 2016
Total Posts: 13
Hey again Jintin. The site for the Scan, when i click on the "Here" bit, its not coming up, just blank page, is there another link you could give me please. Thankyou again.maxp8
Posted 6/15/2009 4:37 PM
User avatar

maxP8 Valued member

Date Joined Nov 2016
Total Posts: 13
Sorry to bother you again Jintin but, i just wanted your advice with you being knowledgable with computers. Should i be thinking about going and getting a New Hard Drive any time soon, as i keep wondering if my computer is just going to fail on me with that warning message but, for the moment it as been loading up fine, its puzzling me lol. thankyou again.
Posted 6/15/2009 10:41 PM
User avatar

Jintan Advanced member

Date Joined Nov 2016
Total Posts: 1049
You really should make the effort to download and run that Seagate drive tester software, and make decisions based on the results of that.

And as we have this thread open why not run some scans and post the logs for review. Just on the off chance some other activity is involved in these issues (very off chance).

To keep them from interfering with the repairs, be sure to temporarily disable all antivirus/anti-spyware softwares while these steps are being completed. This can usually be done through right clicking the software's Taskbar icons, or accessing each software through Start - Programs.

Download RSIT (random's system information tool) from here to your desktop, then click on the RSIT.exe to start the scan.

If necessary allow it to locate or download a copy of HijackThis as needed.

Once the scan completes a textbox will open - copy/paste those contents here for review please. The log can also be found at C:\rsit\log.txt.

RSIT will also create a second log, info.txt, which will be minimized to your taskbar. Post that here as well please (it will also be stored at C:\rsit\info.txt).

You can break logs into parts and use separate posts here when replying and posting the log files, if needed.


Also click here and download the installer for Gmer to your desktop, then click that file to run Gmer.

If on it's opening scan Gmer locates items shown in red or indicates "hidden" or "rootkit", stop there, and click on the Copy button and rightclick on your Desktop, choose "New" > Text document. Once the file is created, open it and rightclick again and choose Paste. Copy the information and post it here please. We don't want any crashes just from taking an initial look at things.

If not, then click on Scan (before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan).

When completed, click on the Copy button and rightclick on your Desktop, choose "New" > Text document. Once the file is created, open it and rightclick again and choose Paste. Copy the information and post it here please.
Posted 6/16/2009 2:10 PM
User avatar

maxP8 Valued member

Date Joined Nov 2016
Total Posts: 13
hey Jintin, i shall do that, thankyou. Then put the results here and see what you can find out. Thankyou for your help. Maxp8
Posted 6/16/2009 2:22 PM
User avatar

maxP8 Valued member

Date Joined Nov 2016
Total Posts: 13
Once i have used these programes, do i then need to remove them, or do i keep them on my computer? Thankyou.
Posted 6/16/2009 10:50 PM
User avatar

Jintan Advanced member

Date Joined Nov 2016
Total Posts: 1049
If you check some of the other completed repair threads in these forums you will see we always close with steps that include the removal of the tools/programs we add to systems. But I am unclear why you started a new request on the hard drive symptoms. Have you installed and run the drive diagnostic scan tool yet? I had two computers come in today with drive fail issues. One had been getting those errors, and yesterday the hard drive continued to fail to boot. It also failed my diagnostics and check methods, and I can tell some electronic component itself has some fault. When this occurs simple data recovery is not possible. The other is an IDE drive (flat cable) with the errors you are getting, but so far the drive passes the diagnostic checks. I suspect a BIOS/CMOS-related issue.

So just asking for ideas in new threads would not be as helpful for you as getting that diagnostic scan run right now.
Posted 6/17/2009 6:42 AM
User avatar

Virusbegone Member

Date Joined Nov 2016
Total Posts: 1
Has anyone experienced the iexplorer opening stuff and messing around the internet besides me? No really though, I was just watching a movie and suddenly heard clicking noises, all of the sudden gossip of Bruce Wills start clogging up my cpu usage it was about how he has someone new in his love life.. Anyways back to the point, I open up task menu and find roughly about 40,000k to 80 usage every time I hear a clicking noise. Does this affect the virus scans because I can't seem to open them? I will have a look at these codes. Thanks for posting this in advance I really do hope that I can get my system fully operational again.
Posted 6/17/2009 12:10 PM
User avatar

Jintan Advanced member

Date Joined Nov 2016
Total Posts: 1049
Hello Virusbegone,

Sounds like their may be some type of rootkit active there. But you need to start your own request thread, then one of us will assist you there. Just click the New Topic button at the top left here to do that.
Posted 11/1/2009 5:30 AM
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12974
Since this issue appears to be resolved ... this Topic has been closed.

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />[/color]
Do not PM me with logfiles. They will be deleted.

  • Unread posts or replies
  • No unread posts or replies
  • Unread Posts (Read Only Forum)
  • No Unread Posts (Read Only Forum)

Forum Information

Currently it is Saturday, October 1, 2022, 7:58 PM (GMT +2)
There are a total of 61,974 posts in 13,697 threads.
In the last 3 days there were 0 new threads and 0 reply posts.

Who's online

This forum has 38,573 registered members. Please welcome our newest member, iAwake.
46 Guest(s), 0 Registered Member(s) are currently online.