Computer Support Forum

Reason for Spybot S&D removal from How to Protect yourself from malware thread?

Question: Reason for Spybot S&D removal from How to Protect yourself from malware thread?

Hi

I was just wanting to know the reason why Spybot S&D was removed from the "How to Protect yourself from malware!" sticky.

I am using version 1.6.2 since I found the newer v2 to be quite bloated and annoying. Should I still be using 1.6.2 since it still downloads the lastest malware signatures? Or is there an important reason why it was removed as a recommended antispyware tool?

Cheers
Sam

Relevance 100%
Preferred Solution: Reason for Spybot S&D removal from How to Protect yourself from malware thread?

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

Answer: Reason for Spybot S&D removal from How to Protect yourself from malware thread?

Just not that useful anymore and as you noted V2 is too bloated. We also never liked Teatimer.

You can still use the old version and make use of the bad download blocker and hosts file protection if you wish but I would not use Teatimer. Modern antivirus programs already included antispyware too.

1 more replies
Relevance 77.08%

I have read this threadhttp://forums.majorgeeks.com/showthread.php?t=44525 and i am paying particular attention to #5 AntiSpyWare Tools, and it states ONLY USE 1 REALTIME BLOCKER So my question is, i use ESET'S nod32 Antivirus to protect my machine, but it has antispyware protection included. I also have Malwarebytes Pro providing real time blocking, so am i in effect useing more then 1 realtime blocker? If so what do i do about that? I paid for Malwarebytes Pro, not using it will defeat it's purpose and be considered a waste of money!
 

Answer:How to Protect yourself from malware Thread

You;re fine. One AV only, but you can have more than one AS (Anti-spyware ).
 

3 more replies
Relevance 68.47%

I did a hijackthis scan and here's what I got:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 12:18:17 PM, on 4/20/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\SYSTEM32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exeC:\WINDOWS\System32\DVDRAMSV.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\WINDOWS\System32\nvsvc32.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exeC:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exeC:\WINDOWS\System32\00THotkey.exeC:\WINDOWS\system32\TFNF5.exeC:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exeC:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exeC:\WINDOWS\AGRSMMSG.exeC:\Program Files\Synaptics\SynTP\SynTPLpr.exeC:\Program Files\Synaptics\SynTP\SynT... Read more

Answer:Malware Blocking Acess to Spybot, Microsoft Malicious Removal Tool and other anti-malware programs

Hey guys I solved my own problem. I completely reinstalled windows. (It was about that time anyway)

2 more replies
Relevance 68.06%

Hello,
Would someone kindly review my Log Files. HostGator had sent me this majorgeeks malware removal link. I completed all the steps and would like to know if I'm at risk.
Much gratitude for such a thorough Malware post. It was very well laid out easy to follow!
Warm Regards,
Paul
 

Answer:Malware Log Review removal thread

Re-run Hitman and have it fix what it found. Then rescan with Hitman and attach the log. Be sure to tell me what issues you are having, if any.
 

3 more replies
Relevance 68.06%

I had gone thru a malware removal thread thaqt required me to install about 5 programs, rum them, and post the logs.

This thread is gone!!!!!

The malware removal thread that is stickied, only has u run CC CLeaner. The previous thread had that as the 1st step, then u had u do others, (one required you to download the program directly to C drive, and installing it from there).


HELP!!!!!!!!!
 

Answer:Malware removal thread is missing!!!!!!

found it! whew....
 

2 more replies
Relevance 68.06%

ran DDS wil post DDS.txt along with other instructions from referral (gmer etc) but can't get attach.txt file to show up on notepad.

But, making progress and it is much appreciated!

Answer:Referral from XP thread - Malware Removal

As mentioned above, couldnt get/see the attach.txt file from DDS. Here are the DDS.txt and Gmer files and the answer regarding cd boot disk

Issue started as repeating boot loop, got past that through use of boot cd but was unable to run and .exe files. I fixed that using xp_exe_fix but still can't access IE or other files. I tried a regedit fix recommended by a contact but that proved to be too confusing, concerned I may have hurt more than helped with that effort.

1. DDS

DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_21
Run by HP Owner at 20:38:04 on 2012-01-23
.
============== Running Processes ===============
.
\??\C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
\??\C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVG\AVG2012\avgfws.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\WINDOWS\system32\ctfmon.exe
E:\dds.scr
C:\WIN... Read more

2 more replies
Relevance 68.06%

applications closing by themselves? Help please

Hi there, Firstly Hi, I hope that I am posting in the correct forum!
I am fairly hopeless when it comes to computers and I have been having this problem for sometime...it originally started when I was using internet explorer, I now use Firefox and it didnt happen for a couple of months but has started again and now happens whilst I am in other programs such as word, or window explorer or anything really...

this is what happens..... everything goes crazy, it is like the mouse has had an attack and randomly starts opening and closing programmes and prompting me and beeping and acting as if I have clicked a million things (which I havent)
It is very hard to explain... we have tried nearly every free virus checker under the sun. Spyware, and malware detectors.. and then yesterday I found your site. I found a thread which took me through all the scans I need to do to get your advice.
I have followed the instructions to the best of my ability. I have copies of the logs from counterspy, bitdefender, but I was unable to get a report from the panda activescan although it said I had one spyware. It only gave me an option to buy the program not to print a report..so I dont have a report for that one.
Anyway here are all the things I have collected....
counterspy.txt
bdscan.txt
runkeys.txt

and I will repost on this thread to add the other two
thanks
sammi
 

Answer:question re: malware removal thread..

Re: applications closing by themselves? Help please

here are the other logs..


I hope I have done everything correctly I was petrified the entire time. lol

I would appreciate any help that you may be able to give me...

ps. my computer is very very old but cannot afford to upgrade at the moment.

If you need any other information I will be happy to try and supply it.

thank you very very much in advance
cheers
sammi:wave
 

16 more replies
Relevance 67.24%

Hi, i'm having a problem with my web browser since using the malwarebytes anti-malware scan. Before I ran the scan and removed the infections it found, I was able to open webpages and go to sites although when i would try to search it would redirect the page. After I ran the scan and deleted the infections, I tried to open a webpage and it said it couldn't display it although I was connected to the internet. One of the things the scan found said "adware.mywebsearch" I would assume that was the reason it was redirecting the page. As of right now, I have done a system restore to a point before i removed the infections so i could display a webpage to get help. If someone can please help me, I would be very grateful.

DDS (Ver_09-03-16.01) - NTFSx86
Run by Leslie at 14:54:14.01 on Wed 05/06/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.496 [GMT -4:00]

AV: CA Anti-Virus *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\SharedComponents\HIPSEn... Read more

Answer:malware agents/koobface,spyware protect removal

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the resul... Read more

2 more replies
Relevance 67.24%

Previous topic that was closed located here: http://www.bleepingcomputer.com/forums/t/293047/dns-changer-trojan/ This topic in response to the instructions in that topic. ~ OBHi there,Thanks so much for your advice, sorry it took me so long to do it, I'm a teacher so always so busy. Below is a copy of the log you requested in step 2 after combofix scan had run. i have not completed step 2 yet but will do this straight away after this.Thanks again ComboFix 10-02-11.04 - Laura 12/02/2010 16:51:29.2.1 - x86Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.44.1033.18.1015.275 [GMT 0:00]Running from: c:\users\Laura\Desktop\quackduck.exeAV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}.((((((((((((((((((((((((( Files Created from 2010-01-12 to 2010-02-12 ))))))))))))))))))))))))))))))).2010-02-12 17:08 . 2010-02-12 17:09 -------- d-----w- c:\users\Laura\AppData\Local\temp2010-02-12 17:08 . 2010-02-12 17:08 -------- d-----w- c:\users\Public\AppData\Local\temp2010-02-12 17:08 . 2010-02-12 17:08 -------- d-----w- c:\users\Default\AppData\Local\temp2010-02-12 11:43 . 2010-02-12 11:43 -------- d-----w- c:\programdata\SITEguard2010-02-12 11:40 . 2010-02-12 11:40 -------- d-----w- c:\program files\STOPzilla!2010-02-12 11:40 . 2010-02-12 11:40 -------- d-----w- c:\program files\Common Files\iS32010-02-12 11:40 . 2010-02-12 17:09 -------... Read more

Answer:trojan/spyware/malware removal - new thread

Hello and welcome to Bleeping Computer! We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Fo... Read more

2 more replies
Relevance 66.83%

Unless you are an authorized Majorgeeks Malware Expert/Helper/Malware Fighter, please refrain from posting in this area of the forum unless of course you started your own thread here asking for help with malware removal.

Thanks for understanding.
 

More replies
Relevance 66.83%

Today i got a bug.Copied this from malware removal,
While using my laptop today, I had a 'Security Warning' pop up. It said:

Application cannot be executed. The file [insert file name here].exe is infected. Do you want to activiate your antivirus software now?

This has been popping up every few minutes with different file names. Other windows have been popping up, telling me I need to install this or that to get rid of the virus. I did restart my computer once, but its still here.

It's also opening up explicit material websites and viagra websites.

I hope this is specific enough.

Just now another window popped up that says attention! Spyware aler!Vulnerabilities

I am running XP pro.I am also getting a small box that says :
Attack from 161.219.239.1,PORT 32145
Attack port 12647
Thread Win32/nuqel.E.
Let me know what else you need to know.
When I go to Malware removal that same Window security alert comes up..
Seems as though quite a few people I know got this today.

I had AVG but could not open it today.So I uninstalled with the intention of reinstalling it.Well this virus will not let me finsih installinfg it.
Also I tried to go to system restore but the virus will not let me in...
 

Answer:Virus problem and can't post in malware removal thread

9 more replies
Relevance 63.96%

I'm semi-tech literate but mostly illiterate. Thank you for your time!I'm using Windows Vista Home Premium; SP2 on Dell Studio 1737.Using IE8. I didn't download any file, but by searching for videos, I suddenly got messages popping up telling me that my computer had been infected. The most unbelievable one including this sentence "Click here for the scan you computer." It also had pop ups asking me to activate my anti-virus software which I did not accept. It also started to do some type of scan which I X'd out. After that when I tried to open any files, such as Spybot, Task Manager... I'd get a taskbar bubble saying that the file was infected and it wouldn't open. For some reason Norton was able to open, but the scan found nothing. It also periodically opened webpages in IE.I restarted in Safe Mode and ran SpyBot. It removed 4 "Malware" files (Sys.Guard) among some tracking cookies. I also ran ad-aware which found nothing and norton again, finding nothing. I ran AVG from safe mode and it found nothing. I restarted in Normal mode. All the pop ups had disappeared. Everything seems to be working normally, except that now it appears like I'm not the admin of my own computer. For example, when I used HiJack This, I got a box saying there were some files it could not open because I didn't have admin rights. When I right click on icons it has the option to run as "administrator". Through HiJack This I got a report wh... Read more

Answer:Trojan/Malware; Spybot Removal but Admin change?

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen. Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you let... Read more

21 more replies
Relevance 63.96%

Hello,Today my computer was affected by a malware which redirects me to a search website which makes me install malicious programs, I manager to get rid of those programs by Spybot. But google searching sometimes redirect me to those website (about 1 out of 5 clicks). I scan my computer with Malwarebyte/Spybot in Safe Mode but I couldn't find anything. In addition, I cannot do windows updates, it keeps lagging and it doesn't response. Please help me fix this, I really need my computer to be safe soon before my school project presentation. I only have DDS report, GMER doesn't work for me (keep crashing with blue screen). Thanks in advance. UPDATE 1: I get redirected even not using google! Sometimes I browse around websites and then bring me to those malicious sites!Update 2: Here's what I got from AVG virus scan:"C:\Windows\System32\wuauclt.exe (5388):\memory_00010000";"Trojan horse Agent_r.XJ";"Object is inaccessible.""C:\Windows\System32\wuauclt.exe (5388)";"Trojan horse Agent_r.XJ";"""C:\Windows\explorer.exe (1060):\memory_00010000";"Trojan horse Agent_r.XJ";"Object is inaccessible.""C:\Windows\explorer.exe (1060)";"Trojan horse Agent_r.XJ";""DDS (Ver_11-03-05.01) - NTFSx86 Run by Kenny Tang at 14:41:17.71 on 22/03/2011Internet Explorer: 8.0.6001.18999 BrowserJavaVersion: ... Read more

Answer:Google redirect malware residual after Spybot removal

Hello and welcome to the forums!My secret agent name on the forums is SweetTech (you can call me ST for short), it's a pleasure to meet you. I am very sorry for the delay in responding, but as you can see we are at the moment being flooded with logs which, when paired with the never-ending shortage of helpers, resulted in the delayed responding to your thread.I would be glad to take a look at your log and help you with solving any malware problems.If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed. If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator!
Do not d... Read more

17 more replies
Relevance 63.96%

Hi, apologies If I have not done this correctly.... First post.

I am unable to run Combofix in Safe Mode or Unsafe, Spybot and Malwarebytes, I can click the .exe shortcuts but nothing happens. I realised I had a problem when my google started redirecting to other sites then just crashing or going to blank screens. See my scan below, and attached unfortunatley unable to run any other screeners etc as I cant get them to startup.

Not sure how complex this problem is but it would allowme to login or register to your site on the problem pc, when I clicked agree to terms it came up you didn't agree etc. Then when I registered on the other comp I still could'nt and can't login on the problem pc....

Thanks in advance for any support
Kevin
DDS (Ver_09-02-01.01) - NTFSx86
Run by kev at 16:52:41.02 on 22/02/2009
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.5.0_12
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.536 [GMT 0:00]
AV: AVG 7.5.552 *On-access scanning enabled* (Updated)
============== Running Processes ===============
C:\WINDOWS\System32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\System32\QCONSVC.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EX... Read more

Answer:Unable to Run any Malware removal tools Combofix Spybot etc

My Combofix log after running, I got this running after changing the name.

ComboFix 09-02-21.01 - kev 2009-02-23 22:15:15.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.701 [GMT 0:00]
Running from: c:\documents and settings\kev\Desktop\ComboFix1.exe
AV: AVG 7.5.552 *On-access scanning enabled* (Updated)

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\_006126_.tmp.dll
c:\windows\system32\_006127_.tmp.dll
c:\windows\system32\_006128_.tmp.dll
c:\windows\system32\_006129_.tmp.dll
c:\windows\system32\_006135_.tmp.dll
c:\windows\system32\_006136_.tmp.dll
c:\windows\system32\_006137_.tmp.dll
c:\windows\system32\_006138_.tmp.dll
c:\windows\system32\_006139_.tmp.dll
c:\windows\system32\_006141_.tmp.dll
c:\windows\system32\_006142_.tmp.dll
c:\windows\system32\_006145_.tmp.dll
c:\windows\system32\_006146_.tmp.dll
c:\windows\system32\_006148_.tmp.dll
c:\windows\system32\_006149_.tmp.dll
c:\windows\system32\_006150_.tmp.dll
c:\windows\system32\_006152_.tmp.dll
c:\windows\system32\_006155_.tmp.dll
c:\windows\system32\_006156_.tmp.dll
c:\windows\system32\_006160_.tmp.dll
c:\windows\system32\_006161_.tmp.dll
c:\windows\system32\_006163_.tmp.dll
c:\windows\system32\_006166_.tmp.dll
c:\windows\system32\_006168_.tmp.dll
c:\windows\system32\_006169_.tmp.dll
c:\windows\system32\_006170_.tmp.dll
c:\windows\system32... Read more

3 more replies
Relevance 61.09%

Got some sort of trojan virus. Downloaded an anti virus program which caught the virus and quarantined it. Then deleted the anti virus program because it was a process hogger.

The reason I downloaded the anti virus program was because spybot was not updating and I was getting weird internet activity such as redirects to verizon.net search page, 404 errors when I tried to install spybot (after de-installing it).

I believe the virus is still in the computer. BECAUSE i cannot even download antimalware programs from major geeks and any web site i go to related to spybot downloading get 404 error or "Internet Explorer cannot display the webpage
Most likely causes:
You are not connected to the Internet.
The website is encountering problems.
There might be a typing error in the address.

What you can try:
Diagnose Connection Problems

More information"

SO THIS IS MY PROBLEM. I have run cc cleaner, but am out of luck with spyware programs running, because either cannot download them, or once they are downloaded, they wont update. It seems the virus knows spybot and refuses to even let me go to spybots web site.
 

Answer:cannot update spybot or download major geeks malware removal programs - virus trojan

Re: cannot update spybot or download major geeks malware removal programs - virus tro

Welcome to Major Geeks!





mpurchases said:





Then deleted the anti virus program because it was a process hogger.Click to expand...

Very bad idea!


Please read ALL of this message including the notes before doing anything.

Please follow the instructions in the below link:

READ & RUN ME FIRST. Malware Removal Guide
and attach the requested logs when you finish these instructions.

**** If something does not run, write down the info to explain to us later but keep on going. ****
Do not assume that because one step does not work that they all will not. MGtools will frequently run even when all other tools will not.
After completing the READ & RUN ME and attaching your logs, make sure that you tell us what problems still remain ( if any still do )!
Helpful Notes:
If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:

Starting your computer in Safe mode

If you have problems downloading on the problem PC, download the tools and the manual updates for SUPERAntiSpyware and Malwarebytes ( links are given in the READ & RUN ME) onto another PC and then burn to a CD. Then copy them to the problem PC. You will have to skip ge... Read more

1 more replies
Relevance 57.4%

Reason Core Security detects, blocks and removes harmful malware, adware and spyware faster then any other single product on the market. At the core, Real-time Protection prevents malware, adware and unwanted programs from sneaking onto your PC and Bundle Protection blocks unwelcome offers from being installed with software you download. Unlike most anti-virus products, Reason Core Security won't slow down your computer or consume unnecessary resources. It's quiet and unobtrusive, just like security should be.

With cloud-based scans you are always protected against the most recent threats. No longer are you required to do daily updates of massive database signatures that only protect you against known threats since the last update.

Reason Core Security's bundle protection prevents you from checking unwanted offers and downloading potentially unwanted programs during the installation of software (technology bought in when Reason acquired the rights to use Unchecky).

Reason Core Security is a Reason Software Company product, powered by a team of very talented programmers, malware hunters and visionaries lead by Andrew Newman. Andrew was the co-founder and chief software architect for GIANT Company Software, acquired by Microsoft Corporation. GIANT Company was a leader in the anti-spyware and anti-spam industry pioneering many innovations that used machine learning and behavior analysis over distributed networks to rapidly combat malware. This network later bec... Read more

Answer:Reason Core Security 1.1.x Update Thread

Very interesting software! has anyone given this a try yet?
It is compatible with any AV per the vendor but I have not tried it yet and wondered if anyone has given this a try to see how it behaves
I will definitely download the free version and give it a go
 

66 more replies
Relevance 56.17%

I have a custom built system that started rebooting uncontrollably after uninstalling spybot. Now I can't get it to work without rebooting. I've tried last known config, safe mode, etc.. all result in reboot. Any ideas would help.

Win 98/2K dual boot. Win 98 side works fine. Win 2k is the issue.
 

More replies
Relevance 55.76%

Spybot found this, has any body had it, and how did I get it? Product: B3D Projector/ Brilliant Digital Entertainment/ Threat Stealth Network. Functionality: Plays 3D online files, stealth P2P network.URL: xxx brilliantdigital.com.The BDE software contains technology that allow Brilliant Digital to turn every computer with BDE installed into a node of a Brilliant Controlled network, thus Brilliant could use your computer for distributed computing without your knowledge.So any comments/answers!! Thanks: DW.

Answer:Reason Why You Need Spybot&Adaware

brilliant is generally associated with kazaa (probably the full version) and may not work if removed because it was part of t&c but hey if i am on the wrong track someone will undoubtedly tell me.johnny.

10 more replies
Relevance 55.35%

Chas, As you said, lets have a new thread, since the others were getting pretty long and contained much which was no longer relevant. So we can let them drift back into the nether world of old pages!

I, infact, did NOT know about page 1, 2 etc in a given thread. Thanks for telling me. That made it OK.

I think maybe we're getting near the end. Sure hope so!

Let's take them in order:

=======================================
1. LAPTOP
Seems to be working fine. I still pick up a lot of stuff, though, when I run AA. I just ran it and since it found about 30 things I'll reproduce it here. It's odd because there has been no browsing on that computer since I cleaned it last night. My wife did check and reply to some eMail on it but no attachments, other than a couple of photos I sent her from mine.


ArchiveData(auto-quarantine- 23-06-2004 14-18-58.bckp)
======================================================
PEOPLEONPAGE
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
obj[0]=Folder : c:\program files\SysAI
obj[8]=File : c:\windows\system32\mllerror.exe
obj[9]=File : c:\windows\system32\mmfbrand.exe
obj[18]=File : c:\program files\sysai\ace.dll
obj[19]=File : c:\program files\sysai\sysai.exe
obj[20]=File : c:\program files\sysai\proxystub.dll
obj[21]=File : c:\program files\sysai\libexpat.dll
obj[22]=File : c:\program files\sysai\wingenerics.dll
obj[23]=File : c:\program files\sysai\uninstaller.exe
obj[24]=File : c:\program f... Read more

Answer:Chaslang, Spybot, new thread

Bill,

Let's start by downloading and running CWShredder and the CoolWWWSearch.SmartKiller

http://www.majorgeeks.com/download4086.html
http://www.majorgeeks.com/download4113.html

Run those and on both PC's.

Next we need to get some blocking in place. Use the Immunize feature of SpyBot on both PCs and then also download and install Spyware Blaster to both: http://www.majorgeeks.com/download2859.html

One more thing, try cleaning both PCs with Ad-aware & SpyBot in safe mode too.

I've go to run right now. Got a ball game. Be back in about 10:30 to 11:00 PM EST.
 

39 more replies
Relevance 54.53%

I'm trying to find a good spy protection program for a medium sized business (that I work for). Spybot seems to be one of the few that protects from spyware, rather than just cleaning it. The thing is, I don't want my users to have to run spybot every week or something, I want it to happen in the background for the most part, which is what I'm guessing spybot's immunize (and new TeaTimer aspect) will do.

If not spybot for this, then is there something else?

(And I'll probably send the guy some money if we do end up using spybot, no worries).
 

Answer:SpyBot Immunize - How good is it? - What would you use to protect from spyware?

Spybot is what I use, and so far I've had no problems. I'd highly recommend it
 

6 more replies
Relevance 54.53%

Hi all

Spybot - Search & Destroy 2.6.46.0 is out now

Spybot 2.6 is here!

Spybot - Search & Destroy Anti-malware & Antivirus Software

With best Regards
Mops21
 

Answer:Spybot - Search & Destroy 2.x Thread

Woah! those were the days when i last time use it, maybe early xp days, i do not remember , maybe i will take a look, thanks Mobs!
 

1 more replies
Relevance 54.53%

I made the image below to show when Spybot Search & Destroy was last updated. Much easier than posting a new thread every time Spybot is updated.
The image is updated every 6 hours (I could have it update every time you view the image, but then its really slow).

Hopefully I will add more spyware/Antivirus updates soon!
 

Answer:Spybot Thread - Automatically Updated!

10 more replies
Relevance 53.71%

I recently ran Spybot - Search and Destroy, and wound up with some 116 problems. Upon fixing them, I noticed that one was Virtumonde, a problem I've had with on a previous computer. After trying to fix it by Spybot (and failing), I did exactly what I had done in my previous encounter - went to VundoFix and ran it. Came back with nothing. Thinking that it was a mistake, I looked online and found another. VirtumondeBeGone was also unsuccessful. I've looked around on this website before and saw that there was another individual with a similar problem. I followed the previous advice and used Malwarebytes Anti-Malware's File Assassin to delete the file. I ran Spybot again, and it is still there. The location is unchanged: C:\Windows\System32\rcpnet.dllPlease help!!

Answer:Spybot Detects Virtumonde - Both Spybot and Malware Can't Delete It

http://www.computerhope.com/forum/index.php/topic,46313.0.htmlgo to above post the 3 logs here an expert will see them , harryyou can also read this belowhttp://www.computerhope.com/search.htm?cx=003411668307610607965%3Ah4yba8pbdco&cof=FORID%3A9%3BNB%3A1&q=virtumonde&sa=Search#1297

8 more replies
Relevance 52.48%

Ok this is weird. I run Ntl netguard, and Spyware Doctor. A few days ago, SpyDoc refused to auto update. Nothing strange thought I, site must be down.

Well its been four days now. Then I noticed I couldn't connect to Microsoft to do updates either. On further investigation, I found I can't connect to ANY legit malware sites. I have run Spybot, Ntl netguard, Malware Byte's anti malware, and Norton AV, none found anything wrong.

However, I tried setting up a proxy within Firefox, and CAN connect to the sites I couldn't otherwise. (albeit incredibly slowly).

As things stand, I can't update any malware software, and assume my poor PC must have caught something new and nasty.

Please help

Hi jack this follows:-

Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:10:08, on 19/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ntl\ntl Netguard\fws.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterSer... Read more

Answer:Help Pls! Can't update Malware Protect or Visit Any Malware Sites

sorry, bump
 

2 more replies
Relevance 51.25%

How to remove write protect from a pen drive

More replies
Relevance 51.25%

Hello,Our internet would not work and ran our virus program.  We detected Web Protect Adware on our computer and are having trouble deleting it.  I saw a similar post on your forum and ran the ComboFix program.  Combo Fix found Rootkit, and the adware that we had found was Web Protect (MyOSProtect).  Here are the results of our ComboFix scan:Any ideas what else we need to do to get internet access and make sure all viruses/adware/malware are gone?  Internet will still not work!  Thanks!! ComboFix 14-10-15.01 - Morton 3 10/19/2014  22:20:05.1.2 - x86Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.3037.1969 [GMT -4:00]Running from: E:\ComboFix.exeAV: McAfee VirusScan Enterprise *Enabled/Outdated* {ADA629C7-7F48-5689-624A-3B76997E0892}FW: McAfee Host Intrusion Prevention Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}SP: McAfee VirusScan Enterprise Antispyware Module *Enabled/Outdated* {16C7C823-5972-5907-58FA-0004E2F9422F}SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point * Resident AV is active...(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))..C:\ENDc:\programdata\2308189059c:\users\Morton 3\g2mdlhlpx.exec:\users\Morton 3\GoToAssistDownloadHelper.exec:\windows\$NtUninstallKB11680$c:\windows\$NtUninstallKB11680$\2825438025..(((((((((((((((((((((((((&#... Read more

Answer:Web Protect Adware removal help!

Hello buckeyesandy, welcome to Bleeping Computer's Malware Removal forum!
 
My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems.
If you would allow me to call you by your first name I would prefer that. 
 
======================================================
 Please read through the points below to ensure this process moves as quickly and efficiently as possible.
Please read through my instructions thoroughly, and ensure you carry out each step in the order specified.
Please do not post logs using the CODE, QUOTE or ATTACHMENT format. Logs should be posted directly in plain text. If you receive an error whilst posting, please break the log in half and use multiple posts.
Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation and providing the best set of instructions for you.
Please backup important files before proceeding with my instructions. Malware removal can be unpredictable.  
If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before proceeding.
Topics are locked if no response is made after 4 ... Read more

3 more replies
Relevance 51.25%

Hi

I am new to this so bear with me if I get something wrong!

I have run Deckard's System Scanner (DSS) and below is the report main.txt from my PC. As requested I (hope) attach extra.txt.

Thanks.

003

Deckard's System Scanner v20071014.68
Run by Allan on 2008-03-20 10:21:14
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
42: 2008-03-20 10:21:34 UTC - RP664 - Deckard's System Scanner Restore Point
41: 2008-03-17 10:28:49 UTC - RP663 - Installed Ad-Aware 2007
40: 2008-03-15 14:56:22 UTC - RP662 - System Checkpoint
39: 2008-03-14 08:19:47 UTC - RP661 - Software Distribution Service 3.0
38: 2008-03-11 18:16:14 UTC - RP660 - System Checkpoint


-- First Restore Point --
1: 2007-12-17 10:15:39 UTC - RP623 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-03-20 10:27:57
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\SYSTEM32\SMSS.EXE
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
C:\WINDOWS\SYSTEM32\SERVICES.EXE
C:\WINDOWS\SYSTEM32\LSASS.EXE
... Read more

Answer:virus protect web removal

Bump Over 72 Hours

1 more replies
Relevance 51.25%

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:17:38 AM, on 2/26/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16798)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.exe
C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\ytbb.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Users\Ellis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BV5K38JH\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com/?f=1&...tCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=571694703&ir=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microso... Read more

Answer:Search Protect Removal

Used MalwareBytes software to remove the SearchProtect malware.
 

1 more replies
Relevance 51.25%

i somehow got spyware protect 2009 on my computer, and i'm having trouble getting super anti spyware or malware bytes to open. i've tried a couple other scanners and they say i'm clean.
DDS (Ver_09-03-16.01) - NTFSx86 NETWORK
Run by Warehouse at 10:19:05.40 on Thu 04/02/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.759.527 [GMT -4:00]

AV: Eset NOD32 antivirus system 2.50 *On-access scanning enabled* (Outdated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\Iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Warehouse\Desktop\dds.scr
C:\WINDOWS\System32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = ie... Read more

Answer:Spyware protect removal

that scan was done in safe mode.... just wanted to throw that out there in case it makes a difference.

i've been doing everything in safe mode because there are so many sites i can't get to when i boot up normally

17 more replies
Relevance 50.84%

 Unfortunately, my computer is infected with winspyware protect and has been getting worse for two days. I run McAfee and it does not find it nor did it prevent the infection. I am not savy enough to manually remove the infection, therefore my question is: is there a tool that is trustworthy and novice user friendly as shareware or purchase that I can download to rid my system of this pest. Thanks

Answer:Winspyware protect removal tool

If you mean Antivirus when you said 'tool', there is Avira and AVG Free.As for removal, I would look here.http://www.computerhope.com/forum/index.php/topic,46313.0.htmlIf you post the three logs there, one of our Malware Specialists will help give you a clean bill of health. 

14 more replies
Relevance 50.84%

Computer has been noticeably slow and sluggish for the past month. I have AVG (free version) as my main anti-virus program and also frequently run Spybot, Malwarebytes and Ad-Aware.

Last week things started getting worse. I ran a remote scan from Bit Defender's website and it reported to find viruses on both my operating hard drive and my old hard drive (which I knew to be infected with a virus that I'm slaving off the main hard drive). Bit Defender reported to have removed the viruses off the main hard drive, but it also reported that it was unable to remove some of the viruses off the older slaved hard drive. I'm not necessarily concerned about the older infected slaved hard drive as I simply use it to pull off old files such as MS Word docs, Excel docs and pictures and music.

After running the Bit Defender remote scan and seeing the report, I thought everything would be good again but in fact things took a turn for the worst. Immediately after the Bit Defender scan I started getting the following pop up message in the lower right hand corner of my screen:

"Windows reports that computer is infected. Antivirus software helps to protect your computer against viruses and other security threats. Click here for the scan your computer. Your system might be at risk now." Note the poor grammar. Dead giveaway in my opinion that this is some type of bogus spyware.

Additionally, I'm unable to run any of my anti-virus/malware programs. When I try to... Read more

Answer:Need help with removal of Spyware Protect 2009

8 more replies
Relevance 50.84%

I have a laptop in our company which caught the antivirus 2009 last year but was successfully removed but now it has got spyware protect 2009 malware which is a nightmare.

The machine now has a intermittent pop up saying it is infected with numerous viruses etc and need to use antispyware to get rid of and doesn't allow me to download anything and redirects with a fake 'Microsoft this site is untrusted' page . It has disabled the avast! virus protection and task manager and has completely crippled the speed of the machine to a point where it just freezes.

I went in via Safe mode and disabled system restore and downloaded and run CCleaner to get rid of any temp files and then downloaded MalwareBytes but am unable to install at all to run a scan to try and get rid of. Is there any other programs or ideas out there?

Many thanks
 

Answer:Help on Spyware Protect 2009 Removal?

Welcome to Major Geeks!

Please follow the instructions in the below link and attach the requested logs when you finish these instructions.


If you have problems where no tools seem to run, please try following the steps given in the below and then continue on no matter what you find. You only need to try the TDSSserv steps if having problems getting scans in the Read & Run Me First.
TDSSserv Non-Plug & Play Driver Disable

If something does not run, write down the info to explain to us later but keep on going.
Do not assume that because one step does not work that they all will not.
READ & RUN ME FIRST. Malware Removal Guide

Notes:


If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode. You can run the steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:

Starting your computer in Safe mode

If you have problems downloading on the problem PC, download the tools and the manual updates for SUPERAntiSpyware, Malwarebytes and Spybot ( links are given in the READ & RUN ME) onto another PC and burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes, you could use a flash drive too but flash drives are writeable and infections can spread to them.
To avoid additional delay in getting a response, it is advised that... Read more

1 more replies
Relevance 50.84%

[attachment=6496][attachment=6497][attachment=6498]

I went into my Programs/Features to check for items I didn't recognise - and discovered via Microsoft Forum that Search Protect by Conduit is a malware. When I try to remove it, I get a pop-up box telling me I do not have sufficient access to uninstall it and to contact my systems administrator. I am the ONLY person who uses this computer....so who is my systems administrator?! I don't appear to have any of the other things like BrotherSoft Extreme2 B1 Toolbar, Search Protected by conduit, Conduit Apps Toolbar? As you can probably tell from this post, I am a self-confessed techno-phobe, so any answers in words of one syllable, please?!
 

Answer:Search Protect by Conduit....Removal help please?!

Hi,
Please download AdwCleaner by Xplode and save to your Desktop.

Double click on AdwCleaner.exe to run the tool.

Click on the Scan button.
After the scan has finished click on the Clean button.

Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.

After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
Post logfile will also be saved in the C:\AdwCleaner folder.
Then...
Re-run FRST, check Addition.txt, press Scan and attach both reports.
 

1 more replies
Relevance 50.84%

I have had spyware protect 2009 pop up twice recently on my computer. I tried the Combo Fix, okay I know I shouldn't have but didn't read about it in the forum until too late. Fortunately computer still runs. Anyway Spyware protect came back but I'm not sure now if I still have it. Also my Norton says I have the Brisv.A!inf virus and recommends manual removal. I tried using their directions but it didn't work. I've run the DDS and GMER, reports attached. Any help greatly appreciated.




DDS (Ver_09-03-16.01) - NTFSx86
Run by Owner at 17:32:44.35 on Thu 04/30/2009
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.479.125 [GMT -4:00]

AV: Norton Internet Security *On-access scanning enabled* (Updated)
FW: Norton AntiVirus *enabled*
FW: Norton Internet Security *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
svchost.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\WINDOWS\SnoopFreeUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C... Read more

Answer:Spyware Protect 2009 removal

Quote:




I tried the Combo Fix, okay I know I shouldn't have but didn't read about it in the forum until too late.




Did you not read the Disclaimer you had to OK in order to run the tool?

It clearly states that it should not be run in an unsupervised environment.



I'll need to review the C:\ComboFix.txt. Please post the contents in your next reply along with a fresh dds.txt

1 more replies
Relevance 50.84%

Just want to get a clean bill of health after I removed the pesky system live protect. THXLogfile of HijackThis v1.99.1Scan saved at 7:34:48 PM, on 6/11/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\LEXPPS.EXEC:\Program Files\Common Files\ActivCard\acachsrv.exeC:\Program Files\Common Files\ActivCard\acautoreg.exeC:\Program Files\Common Files\ActivCard\acautoup.exeC:\WINDOWS\system32\bgsvcgen.exeC:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exeC:\WINDOWS\system32\cisvc.exeC:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exeC:\WINDOWS\System32\DVDRAMSV.exeC:\WINDOWS\ehome\ehSched.exeC:\WINDOWS\system32\inetsrv\inetinfo.exeC:\Program Files\Common Files\LightScribe\LSSrvc.exeC:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exeC:\WINDOWS\System32\nvsvc32.exeC:\WINDOWS\system32\... Read more

Answer:Hjt Log After "system Live Protect" Removal

Hello chuzie, Please download SmitfraudFix Double-click SmitfraudFix.exe Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present). Please copy/paste the SmitfraudFix report into your next reply, along with a fresh Hijackthis log. Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user. http://www.beyondlogic.org/consulting/proc...processutil.htm

2 more replies
Relevance 50.84%

Hello TSF
I just bought a HP Envy 15t Touch, it's supposed to be a pretty good machine.
Long story short.. I only had this computer for 1 day, and ended up downloaded some ad-ware. I am in the process of rebooting my computer with all factory defaults.

What I would like to do once that finishes (assuming my computer will be mal-ware free) is well.. I need a checklist: here is what I have so far.

Unbox Computer, Update Windows, Download Google Chrome, Remove MacaFee Anti Virus, and install Kaspersky (Because I have a 1yr sub)
What I would like to do from this point is....

Remove all the Bloat-ware, that was pre-installed on my computer
I don't like there music player or movie player. I'd like to completely
remove these programs (The HP pic viwer and movie viewer.. Because they conflict with both Windows viewrs and also 3rd party viewers that I prefer to use.

Please Help Thank you in advance
Searda

Answer:New PC program removal & virus protect

Here's what I would do in your case, after the PC has been factory restored.

Setup Windows and change the power settings to your liking (Make sure it doesn't fall asleep during updates.

First, get all of the updated provided to you via Windows Updates.
Second, download and install of the latest drivers from HP.
Third, remove all bloatware that is installed on the system.
Fourth, install your antivirus protection.
Fifth, install your custom applications like Chrome.

3 more replies
Relevance 50.43%

I've been hit with the Lop.com toolbar and I was told to post my HijackThis log and let you know that I've got AdAware so that you'd help me. You were highly recommended.

"Help me Obi-Wan Kenobi, you're my only hope."

--Kid Krypton
 

Answer:Yet another Lop.com Toolbar removal thread...HELP ME!

6 more replies
Relevance 50.02%

What is Total Protect ?

Total Protect is a fake system security software that is considered as a Rogue. Rogues are malicious programs that hackers use to trick users by displaying false threats and problems that it claims to have detected. In reality, none of the issues are real and are only used to convince the user into buying their software and stealing their personal financial information
Am I infected?

This are some screenshots of this rogue :

[attachment=669]

[attachment=670]

Removal Instructions
(If you experience any problems completing these instructions, please start a new thread here)
1. Restart your computer. As soon as your computer turns on, tap F8 until you reach the Advanced Boot Options. Use the arrow keys and select Safe Mode with Networking .
2. Download and run RKill.

Download mirror 1 - Download mirror 2 - Download mirror 3
Save it to your Desktop.
Double click the RKill desktop icon.
It will quickly run and launch a log. If it does not launch a log, try another download link until it does.
(This tools will kill the rogue's process temporarily. As a result, act quickly and move on to the next step.
Do not reboot your computer after running RKill as the malware programs will start again. )

3. Download Malwarebytes' Anti-Malware to your desktop.

Rename the file to firefox.exe BEFORE downloading
Double-click firefox.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to
Update Malwar... Read more

More replies
Relevance 50.02%

Good Morning,

I had an ongoing dialogue with a tech "Noviciate". My account name is sewerman. I've been away from the office for a while and wasn't able to reply to the latest post. Apparently the thread was closed based on inactivity. Is it possible to reopen it so I can resume where we left off?

sewerman
Noviciate was informed of your request.
nasdaq.

Answer:Virus Removal - Need Thread Reopened

I will be taking this topic as Noviciate is busy at the moment.

Please post the information I just sent on your topic.

nasdaq.

1 more replies
Relevance 50.02%

Hi.

I have that thing that redirects my google searches to tazinga, balisearch, etc. How do I remove it?

OTS on stand-by.
 

Answer:Yet another Tazinga redirect removal thread

16 more replies
Relevance 49.61%

Spyware Protect 2009 - I am having trouble removing this malicious program. I installed and updated Malewarebytes Anti-Malware program and at first glance it seems to remove the program only for the virus to pop up in the taskbar a few minutes later.I also installed and ran the updated Spyware Hunter program to no avail. It detects and removes several things but not Spyware Protect 2009.What else can i do? Thanks for any help!Here is the log file, although something tells me it is not telling the whole story:Malwarebytes' Anti-Malware 1.33Database version: 1740Windows 5.1.2600 Service Pack 22/9/2009 10:27:07mbam-log-2009-02-09 (10-27-07).txtScan type: Quick ScanObjects scanned: 57750Time elapsed: 6 minute(s), 33 second(s)Memory Processes Infected: 1Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 1Registry Data Items Infected: 0Folders Infected: 0Files Infected: 1Memory Processes Infected:C:\WINDOWS\sysguard.exe (Trojan.FakeAlert) -> Unloaded process successfully.Memory Modules Infected:(No malicious items detected)Registry Keys Infected:(No malicious items detected)Registry Values Infected:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysguard (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.Registry Data Items Infected:(No malicious items detected)Folders Infected:(No malicious items detected)Files Infected:C:\WINDOWS\sysguard.exe (Trojan.FakeAlert.H) -&... Read more

Answer:Spyware Protect 2009 removal help - log file included

This is the log from the initial scan i did on the PC:Malwarebytes' Anti-Malware 1.33Database version: 1740Windows 5.1.2600 Service Pack 22/9/2009 07:34:20mbam-log-2009-02-09 (07-34-20).txtScan type: Quick ScanObjects scanned: 72471Time elapsed: 13 minute(s), 17 second(s)Memory Processes Infected: 1Memory Modules Infected: 0Registry Keys Infected: 18Registry Values Infected: 1Registry Data Items Infected: 1Folders Infected: 8Files Infected: 10Memory Processes Infected:C:\WINDOWS\sysguard.exe (Trojan.FakeAlert) -> Unloaded process successfully.Memory Modules Infected:(No malicious items detected)Registry Keys Infected:HKEY_CLASSES_ROOT\bho_myjavacore.mjcore (Trojan.BHO) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\bho_myjavacore.mjcore.1 (Trojan.BHO) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\testcpv6.bho (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\testcpv6.bho.1 (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{17e44256-51e0-4d46-a0c8-44e80ab4ba5b} (Trojan.BHO) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{2e4a04a1-a24d-45ae-aca4-949778400813} (Trojan.BHO) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Typelib\{e0f01490-dcf3-4357-95aa-169a8c2b2190} (Trojan.BHO) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Typelib\{63334394-3da3-4b29-a041-035359... Read more

3 more replies
Relevance 49.61%

What is Total Protect?

Total Protect Adware is a fake system security software that is considered as rogue.
Rogues are malicious programs that cyber criminals use to trick users by displaying false threats and problems that it claims to have detected. In reality, none of the issues are real and are only used to convince the user into buying their software and stealing their personal financial information.
As this program is a scam do not be scared into purchasing the program when you see its alerts. You are strongly advised to follow our removal instructions below.

Am I infected?

This is how the main screen of the rogue application looks:

Total Protect Removal Instructions
(If you experience any problems completing these instructions, please start a new thread here)

STEP 1 : Start your computer in Safe Mode with Networking
Remove all floppy disks, CDs, and DVDs from your computer, and then restart your computer.
Do one of the following:
If your computer has a single operating system installed, press and hold the F8 key as your computer restarts. You need to press F8 before the Windows logo appears. If the Windows logo appears, you will need to try again by waiting until the Windows logon prompt appears, and then shutting down and restarting your computer.
If your computer has more than one operating system, use the arrow keys to highlight the operating system you want to start in safe mode, and then press F8.

On the Advanced Boot Options screen, use the arrow key... Read more

More replies
Relevance 49.61%

Trying to get some help removing spyware and malware. I am pretty sure I have Spyware Protect 2009 on my system as I keep getting pop-ups for this.

I have downloaded HiJackThis and have run. The results of the log are shown below. Please advise on what I need to do.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:54:22 PM, on 4/24/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PRO... Read more

More replies
Relevance 49.61%

Hi, Im running Windows XP, on a Gateway 600YGR laptop.

I too had the infamous Spyware Protect 2009. I looked up the files/programs that may have been causing the infections from another site and deleted just one ".exe" file (I think it was sysguard.exe file under C:Windows) using HJT.

The pop-ups from my task bar disappeared and so did the re-direction to SpywareProtect2009 websites and popups.

BUT after a reboot, i recieved a message from my task bar saying my firewall was down, AVG anti-virus email scanner down and i was no longer able to connect to my wireless network, or access the internet in general even when directly connecting to my modem. I recieve "Insufficient systen resources exist to complete the requested service" quite often.

The laptops performance became slower in general with frequent freezes.

It was a crucial hit... from myself. Is there anything i can do?

Much appreciated.
 

Answer:Removal of Spyware Protect 2009 caused Problems

System Restore! and back to normal.
 

1 more replies
Relevance 49.61%

Hi,

this is my first post, I hope it's posted in the right forum.

Well, I seem to have been infected with spydawn and also did read the removal instructions, but before I start with that I still would like to ask a question.

On the site where you can download the SmitFraudFix program it says "I do not recommend using the tool without guidance from a qualified malware removal specialist!" and since I would call myself a computer newbie, at least when it comes to solving problems, I would like to know how risky it is to use that program, or do the removal instructions count as "guidance from a qualified malware removal specialist" ?

And that guide is also for windows XP, isn't it?

Thanks in advance.

Answer:Question Regarding The "spydawn Removal Instructions" Thread

Good questions. With the images along with the written instructions, I would feel safe in using the fix. If you have any problem or want to clarify a step, please ask. I always recommend using Super Antispyware along with the Smitfraudfix. Super Antispyware has had success in removing Spydawn and because there is always a good chance that you have other malware. Yes, Smitfraudfix is for XP. I don't think it works with Vista, though..Install Super Antispyware. Run it in safe mode. Allow it to quarantine whatever it finds. http://www.superantispyware.com/

13 more replies
Relevance 49.2%

Hi Guys

hope you can help me. I have a windows Vista sony laptop where I tried to install a mcafee software from someone and i saw a strange pop up , when I closed it, i started to notice few strange things on my machine:

1. spyboy doesnt open anymore and unistalling it then trying to install it give me an error message
2. Malwarebyte anti-malware doesnt open as well.
3. Firefox google homepage doesn't load anymore
4. installing mcafee security software (clean version) doesnt load

I hope the log of hijackthis will shed some light on what's going on
thanks a lot

Karim
 

Answer:malware infection stopping spybot and anti-malware!

just want to update that the first 3 issues still in place but point 4 isn't a problem anymore. I successfully managed to install the mcafee 2008 security centre and I will be making a full scan, while waiting for any suggestion for points 1 to 3

thanks

Karim
 

2 more replies
Relevance 49.2%

http://malwaretips.com/threads/srv123-pop-ups-on-steam.27833/

"quote that thread"
I have the same problem, I am getting very fed up off adds everywhere....
Will add more detail specific if needed. (Just post that I need to, Figured your all experts and only need the FRST.txt File, I have only ever downloaded music But will delete it to get help).

I will do anything for help. Even donate to the man that fixes this
 

Answer:System update kb77600 removal (Search protect, Aducky) etc please..

Helllo,

Before we begin, please note the following:

I will working be on your Malware issues, this may or may not, solve other issues you have with your machine.
The logs can take some time to research, so please be patient with me.
Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
Instructions that I give are for your system only!
Please do not run any tools until requested ! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
Please perform all steps in the order received. If you can't understand something don't hesitate to ask.
Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not help you if you do not follow my instructions.


Download Malwarebytes Anti-Rootkit to your desktop.

Double-click the icon to start the tool.
It will ask you where to extract it, then it will start.
Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
Click in the introduction screen "next" to continue.
Click in the following screen "Update" to obtain the latest malware definitions.
Once the update is complete select "Next" and click "Scan".
When the scan is finished and no malware has been found select "Exit".
If malware was detected, make sure to check all t... Read more

40 more replies
Relevance 48.79%

Previous topic

http://www.techsupportforum.com/secu...ease-help.html

Please help with the remaining steps in cleaning my computer. ComboFix.txt log listed below.

THANKS!


ComboFix 09-06-21.01 - 410Brantley 06/22/2009 10:21.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2279 [GMT -5:00]
Running from: c:\documents and settings\410brantley\Desktop\ComboFix.exe
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\410brantley\Application Data\mllntuec
c:\documents and settings\410brantley\Local Settings\Application Data\mllntuec
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\documents and settings\NetworkService\Application Data\mllntuec
c:\documents and settings\NetworkService\Local Settings\Application Data\mllntuec
c:\program files\Common
c:\recycler\S-1-5-21-1233931459-2918598142-4291659859-1005
c:\recycler\S-1-5-21-703021747-2940346758-2480081977-500
c:\windows\system32\drivers\pdmpdpgu.sys
c:\windows\system32\drivers\wjuzuyas.sys
c:\windows\system32\gkbqdlu.dll
c:\windows\system32\spkdmqm.dll
c:\windows\Tasks\At1.job
c:\documents and settings\410brantley\Application Data\mllntuec\profiles.ini
c:\documents and settings\410brantley\Application Data\mllntuec\P... Read more

Answer:Spyware/Virus Removal (cont'd from previous thread)

Hello -

As amateur noted in the initial reply you received, this forum is very busy. Three days seems like plenty to return a reply. If there are extenuating circumstances which might prevent a reply in that time, it's a good idea to let the volunteer know, as we all only take on a certain amount of active topics. This then prevents us from helping someone else during that time period.

Please try to complete these steps more promptly.

Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

ComboFix seems to have done a good job.


Open NOTEPAD.exe and copy/paste the text in the codebox below into it:

Code:

@echo off
if exist "%temp%\log.txt" del "%temp%\log.txt"

for %%g in (

c:\windows\Rnojetasoyuy.bin
c:\windows\Kfawocub.dat
c:\windows\mdgmemsg.dll
c:\windows\sh32df.dll
c:\windows\iforobif.dll
c:\windows\mdgxdl.dll
c:\windows\ukegajekumibol.dll
c:\windows\cmp320n.dll

) do (
del /a/f %%g >nul 2>&1
if exist %%g echo.%%g>>"%temp%\log.txt"
)

if exist "%temp%\log.txt" ( start notepad "%temp%\log.txt"
) else echo.Deleted Successfully !!

pause
del %0
Save this as fix.bat Choose to "Save type as - All Files"
It should look like this:
Double click on fix.bat & allow it to ... Read more

4 more replies
Relevance 48.79%

Hello, I read the thread about removal of trojan spm/lx with the popups for winantivirus but since several procedures were tried and recommended I couldn't decipher how to proceed from reading the forum thread. I am also infected. Should I do exactly as in the thread of 29 Sept. or were some of those steps ineffective? I am not experienced with hijackthis or reading the logs.

I'm running Norton Internet Security and have webroot spy sweeper installed. Spy sweeper doesn't find the problem. Win XP home, IE browser.

Thanks very much.
 

Answer:Solved: couldn't figure out trojan spm/lx removal thread

9 more replies
Relevance 48.79%

I'm getting the homepage hijack as well as toolbar popups at the top and bottom of my screen in IE. I followed the thread at the top of the page (READ THIS FIRST) but the problems remain. I also dl'ed AdAware SE but still no luck. If someone can analyze my HJT report or offer some advice, I'd appreciate it. Thank you.

ps- I'm running XP.
 

Answer:Followed the basic spyware removal thread but no luck (HJT log inside)

No! You did not follow all the steps in the thread! If you had, you would not be running an old HijackThis version. Also, you would not have HijackThis on your Desktop had you read and followed the threads. And you would have shutdown unnecessary applications too. Like all the printer stuff, Winword, Firefox, iPod, etc.

A brief look tells me you have a stubborn one though. You really need to make sure you have done all those other steps with update versions of each program and I need a new HJT log with version 1.98.2.

Go back and do all the steps and verify you have all the correct versions too.
 

8 more replies
Relevance 48.79%

Something (Malware ? ?) locked up my PC (Windows XP). I got a pop up message that my PC was infected and click "yes" to buy an AV program. I did not click "Yes", but every program I tried to run came up with the same message. I took it where I bought it and they fixed it by cleaning my hard drive and re-loading my OS. Fortunately, I had BU'd my personal files. They called the problem an "intercept". Norton AV did not catch it. They also loaded "Malwarebytes" for me.

What is the best way to protect for this kind of problem ?
 

Answer:How to protect against Malware ?

Welcome to Major Geeks!

Please read ALL of this message including the notes before doing anything.

Pleases follow the instructions in the below link:

READ & RUN ME FIRST. Malware Removal Guide


and attach the requested logs when you finish these instructions.

**** If something does not run, write down the info to explain to us later but keep on going. ****
Do not assume that because one step does not work that they all will not. MGtools will frequently run even when all other tools will not.


After completing the READ & RUN ME and attaching your logs, make sure that you tell us what problems still remain ( if any still do )!
Helpful Notes:


If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:

Starting your computer in Safe mode

If you have problems downloading on the problem PC, download the tools and the manual updates for SUPERAntiSpyware and Malwarebytes ( links are given in the READ & RUN ME) onto another PC and then burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.
If you cannot seem to login to an infected user account, try using... Read more

1 more replies
Relevance 48.79%

i Just bought a new PC. i have a couple questions from the 'How to protect yourself from malware' thread.

My Pc is running windows 7.

In the Firewall section it doesnt say if the windows 7 firewall is sufficent? If it isnt i will download and outpost firewall and disable the windows one.

In the Antispware tools i downloaded Micrsoft security essentials for Winbdows 7. Since i also downloaded Avast as my anti Virus is it ok to run both these?

In the disable the autoruns feature there is no update for windows 7?
 

Answer:How to protect yourself from Malware

avilo4u said:





In the Firewall section it doesnt say if the windows 7 firewall is sufficent? If it isnt i will download and outpost firewall and disable the windows one.Click to expand...

While the Windows 7 firewall is better than what was in previous versions of Windows, it is still very inadequate.





avilo4u said:





In the Antispware tools i downloaded Micrsoft security essentials for Winbdows 7. Since i also downloaded Avast as my anti Virus is it ok to run both these?Click to expand...

No! MSE is and antivirus and antispyware. So is Avast. You can only have one of them installed.





avilo4u said:





In the disable the autoruns feature there is no update for windows 7?Click to expand...

Microsoft has never updated their info ( from here http://support.microsoft.com/kb/967715 ) for Windows 7 so I'm not sure if everything that is used for Vista would apply.

You can just run this >> Autorun Eater
 

6 more replies
Relevance 48.79%

How would you protect yourself from a fud?
 

Answer:How to protect yourself from a FUD malware?

LukeNukesEm said:





How would you protect yourself from a fud?Click to expand...

Supplement your security with something besides signatures.
 

34 more replies
Relevance 48.79%

Make sure you get your system protected from ocurrences of malware problems. Below are some simple steps you can take to reduce the chance of infection in the future. I strongly encourage you to do them all. There is no perfect solution for totally preventing malware from getting on your PC, however, these steps will help.

Please do not make the false assumption that this thread is old or out of date based on the date the thread was started ( 10-10-04 21:52 ). Look at the Last Edited date at the bottom of this message as this procedures does evolve with time.

IMPORTANT NOTE: It is getting more and more difficult to find real true freeware these days that does not include bundleware, toolbars...etc and junk you just don't want. Make sure you pay attention during installation of anything you download and read license agreements. Be sure to uncheck check boxes for the bundleware and toolbars where you can so that you opt out because the defaults are always to opt in.


1. Visit Windows Update: Make sure that you have all the Critical Updates recommended for your operating system and IE. The first defense against infection is a properly patched OS. For anyone who is not yet running at least Windows 7 (which you really should be running at a minimum if your PC supports it) see the below link before updating. Note: Windows XP is not longer supported by Microsoft and is hence a security risk.

Windows 7 Upgrade Advisor
You should check for Windows Updates at least once a ... Read more

More replies
Relevance 48.38%

I didn't know where else to put this so I apologize ahead of time.

I am working on this computer running Windows 7. After running several anti-virus/malware programs (Avast, Microsoft Essentials, Malwarebytes, EmsisoftEmergencyKit) several viruses were removed. I didn't note the names at the time. Prior to the removal, certain features wouldn't work, e.g. when clicking on a Control Panel applet, nothing would run. Those things are working now. I am able to get online, but certain items fail, such as updating Microsoft Essentials. I checked and Firewall is not running, nor can I get it running.

I have tried running MS Fix It, importing registry entries for Base Filtering Engine (BFE) and Windows Firewall Authorization Driver (MPSDRV) - doesn't seem to be running...

I am open to ANY ideas.

Here are the details from SysInfo:

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: AMD Athlon(tm) II P340 Dual-Core Processor, AMD64 Family 16 Model 6 Stepping 3
Processor Count: 2
RAM: 3834 Mb
Graphics Card: ATI Mobility Radeon HD 4200 Series, 256 Mb
Hard Drives: C: Total - 286999 MB, Free - 229842 MB;
Motherboard: TOSHIBA, Portable PC
Antivirus: None

I am attaching the HijackThis.log in case you need this as well...
 

Answer:unable to start firewall after virus removal - {Moved Thread}

16 more replies
Relevance 48.38%

I followed the steps in the Windows XP Malware Removal/Cleaning Thread, with the exception of Hitman Pro. It continually crashed at start of scan. All logs attached. Thank you very much for your help.
 

Answer:Completed Removal Thread Except Hitman Pro (crashed). Other Logs Attached.

Double-click RogueKiller.exe to run. (Vista/7 right-click and select Run as Administrator)
When it opens, press the Scan button
Now click the Registry tab and locate these detections:

[RUN][SUSP PATH] HKCU\[...]\Run : Ohovabq ("C:\Documents and Settings\User\Application Data\Arub\omgey.exe" [-]) -> FOUND
[RUN][SUSP PATH] HKCU\[...]\Run : Adqyag ("C:\Documents and Settings\User\Application Data\Zygoib\yxbiy.exe" [-]) -> FOUND
[RUN][SUSP PATH] HKLM\[...]\Run : SMBHelper (C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Windows\4481\SMBHelper.exe [-]) -> FOUND
[RUN][SUSP PATH] HKLM\[...]\Run : udsed (rundll32.exe "C:\Documents and Settings\User\Application Data\udsed.dll",CloseDatabase [x][-][x]) -> FOUND
[RUN][SUSP PATH] HKLM\[...]\Run : rewrl ("C:\WINDOWS\system32\rundll32.exe" "C:\Documents and Settings\User\Application Data\rewrl.dll",read_init_2 [7][-][x]) -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-4094170921-3905128688-456205478-1007\[...]\Run : Ohovabq ("C:\Documents and Settings\User\Application Data\Arub\omgey.exe" [-]) -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-4094170921-3905128688-456205478-1007\[...]\Run : Adqyag ("C:\Documents and Settings\User\Application Data\Zygoib\yxbiy.exe" [-]) -> FOUND
[SHELL][SUSP PATH] HKCU\[...]\Winlogon : shell (C:\Documents and Settings\User\Application Data\mcafee.ini,explorer.exe [-][x]) -> FOUND
[SHELL][SUSP PATH] HKUS\[... Read more

3 more replies
Relevance 48.38%

Hello,Yesterday my computer was suddenly attacked by the System Check virus (it slid right past my Avira software even though I did get a warning message right before it crashed!) I have absolutely no access to anything on my computer in regular mode; all of my folders are empty, and I have no access to My Computer or the Internet. The only thing I can do is shut down or restart the computer. This almost exactly the same case in Safe Mode with Networking. The only difference is that in safe mode, I could access my flash drive (with the appropriate recovery software downloads) by clicking on the recycling bin, and thankfully I was able to see the other drives on my computer from there. I followed the steps in this thread to attempt to stop the System Check virus.My results were as follows:Rkill - ran with no obvious interference from System Check, but also reported terminating 0 processes. (I have the log for this if requested).Kaspersky TDSS - ran through 263 processes, found 0 threats.MBAM - This found 11 objects, and the "Remove Selected" process seemed to run normally. (I've used MBAM a number of times before). It asked me to reboot my computer, and as the help thread I was following said to agree with this, I did so. After reboot (into normal mode) the System Check virus came right back up and I'm back to square one. The following is MBAM log from that initial run.Malwarebytes Anti-Malware 1.60.0.1800www.malwarebytes.orgDatabase version: v201... Read more

Answer:System Check Virus persists even after following removal thread steps

Here is a brief update as I changed some things since the last post. I ran RKill again, this time in normal mode, and it seemed to actually terminate the System Check virus this time. Therefore I was able to run MBAM in normal mode, and it removed a number of items (though not as many as it said it was going to remove when I first ran it in safe mode). The following is the log of that MBAM run:Malwarebytes Anti-Malware 1.60.0.1800www.malwarebytes.orgDatabase version: v2012.01.24.02Windows 7 x64 NTFSInternet Explorer 8.0.7600.16385Kara :: KARADESKTOP [administrator]1/23/2012 7:42:45 PMmbam-log-2012-01-23 (19-42-45).txtScan type: Full scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 557435Time elapsed: 2 hour(s), 11 minute(s), 20 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 0(No malicious items detected)Registry Values Detected: 1HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|tSUpODctlIrm.exe (Rogue.FakeHDD) -> Data: C:\ProgramData\tSUpODctlIrm.exe -> Quarantined and deleted successfully.Registry Data Items Detected: 2HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfull... Read more

23 more replies
Relevance 48.38%

Hello - First, let me say thank you for helping me rectify a really poor choicesof opening software I wasn't 100% certain was verifiable. As a result I have the Virust Protect Pro problem (at a miniumum) which seems to tie up my machine a lot and causes problems with my wireless network adapter. I have used Spybot and Adware to no avail. I've copied and pasted the Hijack This log below and won't make any changes until I hear from you.
With great thanks for your help!
K

Logfile of HijackThis v1.99.1
Scan saved at 3:52:29 PM, on 8/27/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\cisvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program F... Read more

More replies
Relevance 48.38%

I continue to get the "SysProtect" download window on both I.E. and Mozilla. Followed your steps listed to clean my system, but same "Virtumonde" files appear each time I run Ad-Aware. Here is the Hi-Jack this log (after running Ad-Aware, see end of log for HijackThis log generated after restarting computer w/o running Ad-Aware):Logfile of HijackThis v1.99.1Scan saved at 9:48:28 PM, on 5/18/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Common Files\Symantec Shared\SNDSrvc.exeC:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exeC:\Program Files\Norton AntiVirus\navapsvc.exeC:\Program Files\Norton AntiVirus\IWP\NPFMntor.exeC:\WINDOWS\System3... Read more

Answer:Malware - Virtumonde & Sys Protect?

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order in which they are mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes.Step #1Scan again with HijackThis and check the following items:R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.comR3 - URLSearchHook: (no name) - ~CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)O2 - BHO: WTLHelper Object - {6D33B121-5C4C-4450-9D1F-7B67085CC199} - C:\WINDOWS\system32\jkhhe.dllO20 - Winlogon Notify: jkhhe - C:\WINDOWS\system32\jkhhe.dllAfter checking these items, close all browser windows except HijackThis and click "Fix checked".Step #2Please download VundoFix.exe to your desktop.Double-click VundoFix.exe to run it.Put a check next to Run VundoFix as a task.You will receive a message saying vundofix will close and re-open in a minute or less. Click OKWhen VundoFix re-opens, click the Scan for Vundo button.Once it's done scanning, click the Remove Vundo button.You will receive a prompt asking if you want to remove the files, click YESOnce you click yes, your desktop will go blank as it starts removing Vundo.When completed, it will prompt that it will shutdown your computer, click OK.Turn your computer back on.Please go HERE to run Panda's ActiveScanOnce you are on the Panda site click the ... Read more

7 more replies
Relevance 48.38%

We maintain several PCs from a library, a research lab for students in a university. Just recently bunch of malwares swarm inside the lab and nearly affected all the machines. Most of these malwares are being imported from student's flash drives in which they're freely allowed to plug on the PC's. So cleaning the infections was really tedious. We cloned the drives and some were fixed using anti-malware softwares. 
 
Each computer is running a Microsoft Security Essentials for virus protection, and that's it.

Our main problem is, how should we setup each PCs so that we can prevent those viruses from porting inside the system? Is there any particular software or windows configurations that can offer such functionality? MSE merely detects all these viruses and most of it already infiltrated the system and removing each as I said is very tedious and time consuming.
Maybe you guys got some efficient workarounds with this type of predicament.NOTE:
All PCs have the same hardware and uses Windows 7 32bit.
 

Answer:How to protect PCs from USB-malware carriers?

Simple, look at:
 
http://www.bleepingcomputer.com/forums/t/541639/security-suggestions-post-3-of-7/
 
Have a great day!

 

11 more replies
Relevance 48.38%

Hello,

Is there any thread for "How to protect yourself from malware (for vista)" as the one written by chaslang for windows xp.

Another question plz. Is there any site to give ranking for antivirus softwares like matousec for pro-active internet security softwares.

Also kindly tell me plz that avast antivirus is better or comodo internet security with antivirus is better.

Thanks.
 

Answer:How to protect yourself from malware (for Vista)

ablaze said:





Is there any thread for "How to protect yourself from malware (for vista)" as the one written by chaslang for windows xp.Click to expand...

It was not written for Win XP. It is for all versions of Windows althoough obviously there is more in there that relates to WinXP and older since they have been around longer.





ablaze said:





Another question plz. Is there any site to give ranking for antivirus softwares like matousec for pro-active internet security softwares.Click to expand...

You should ask in the Software Forum. But reviews of AVs are typically out of date by the time they are published. This happens because many programs update 3 to 5 times per day and even just one update can drastically improve or reduce an AVs test score.





ablaze said:





Also kindly tell me plz that avast antivirus is better or comodo internet security with antivirus is better.Click to expand...

You are not comparing apples to apples. Avast is just an antivirus. Comodo Internet Security includes all of the below:

firewall
antivirus
Host Intrusion Protection System (HIPS)
BOClean Anti-Malware is not being included in CIS

 

3 more replies
Relevance 48.38%

Hi. I am rather a person with basic knowledge about computers so don?t be surprised if my question will sound stupid to you.
I have a Windows PC and I often use my thumb drive to print some documents in my university. I?m afraid that it will become infected someday so I thought it would be a good idea to use it only with Puppy Linux when I'm at home. This is why I made my thumb drive a bootable one with Puppy on board. What I want to do is to boot to Puppy, copy the files I need to print or use at the university to the USB drive, then close the system and disconnect the USB drive. To be clear, only one USB stick is involved in this process (Puppy and data are on the same USB stick). Would that prevent infecting my Windows PC? If not then how can I avoid viruses spreading through USB? Can malware do any harm to Windows OS when Puppy is booting?
 

Answer:Can puppy protect me from malware?

Good idea if I understood correctly
 

7 more replies
Relevance 47.97%
Question: spybot removal

Hi everybody,I removed the Spybot S&D via Control Panel(add/remove),but when i run antivirus program,i found about 60 entrees,related to spybot like:
C:\Documents and Settings\All Users\Application Data\Spybot-Search and destroy\Recovery\Adware Alert.zip etc.to ...\Adware Alert2.zip and so on.
How can i get rid of Spybot completely?
Thank You,
Alex.
 

Answer:spybot removal

Why would anyone want to remove Spybot?
 

6 more replies
Relevance 47.97%

I unstalled spybot S&D but when I go to start-find-files or folders and type in spybot s&d it shows up and list that its in C:\program files\spybot. How do I completely remove spybot from my computer so I can download a new copy. I download 1.4 and the search got halfway through and I got "This program has performed an illegal operation and will be shut down."

Answer:Spybot S& D Removal

they are just remnants which you have to delete manually. Do a search then delete all it finds. I am assuming that you uninstalled it properly in Add or Remove

4 more replies
Relevance 47.97%
Question: New Malware thread

Sorry about the last one here is the new one...
Ok So I'm running windows xp media center on my laptop.

When I boot up I get numerous dll errors with nawupoho.dll for every program that opens.

Then after whenever I try to open any program I get another box for nawupoho.dll saying

"The application or DLL C:\WINDOWS\system32\nawupoho.dll is not a valid Windows Image. Please check this against your installation diskette."

Just keeps happening. After I click OK or the X the program opens. I've tried several various spyware programs with no results.

DDS (Ver_09-02-01.01) - NTFSx86
Run by Owner at 12:26:09.35 on 10/03/2009
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1216 [GMT -4:00]


============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files... Read more

Answer:New Malware thread

Hello and Welcome to TSF.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

Please explain why this computer has no antivirus program installed and running. This is an open invitation for infection.

It can take as little as eight seconds to infect an unprotected computer.

Please keep this computer offline except when downloading tools and posting in the forum until we get one installed.

------------------------------------------------------

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Please stay with me until given the 'all clear' even if symptoms seemingly abate.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by a helper.

------------------------------------------------------

Please visit this webpage for download links, and instructions for running ComboFix:

http://www.bleepingcomputer.com/comb...o-use-combofix

* Ensure you have disabled all antivirus and antimalware programs so they do not interfere with the running of ComboFix.... Read more

10 more replies
Relevance 47.56%

Staff Advisory: This post needs to remain here until one of the malware team advise that it can be moved. This member cannot access our malware forums due to their infection. ~ Animal----------------------------------------------------------------------------------------------------------------------Hello, I got some help from some nice people in the live chat. I have made a log with your hijackprogram and am posting it at the bottom. It created two .txt files so there are two reports. I am unable to open ANY link that has the words anti-spyware anywhere on the page or in the address bar so unfortunately I cannot post this in the malware removal forum because the internet window closes every time. I am in dire need of some help! I have a subscription to spy sweeper and it is keeping things out but I was infected with Antivirus xp 2008 and possibly some viruses because the computer was un-protected for about a month while I was in the hospital..I run with Windows XP and a wireless connection. If someone could take the time to look at this for me I would be so incredibly thankful! I offer my services as a photographer/graphic artist/professional gift shopper/myspace designer/beginner web designer. You can see what I do at www.perfectionpictures.com and contact me if you need anything at all!Current Symptoms (in the order of appearance)Random Total system crash then restart then blue screen then back to windows. msvcp71.exe is missing so a program is being prevented ... Read more

Answer:Antivirus Xp 2008 Removal Help/am I Infected? Can't Open Malware Removal Forum

Hi & welcome,I would like to try a couple things before we go much further so I have a bit better picture of what is happening and can take the needed cautions.1.) click start> run> type msconfig and hit enter.click "boot.ini" tabCheckmark /bootlogClick "apply" and "close"Reboot when askedLocate and delete this file:C:\windows\ntbtlog.txt (in case your extensions don't show it looks like a notepad)RebootLocate & post:C:\windows\ntbtlog.txt2.) Click start> run> type: cmd.exe and hit enter.type the following commands exactly as you see em & hit enter after each one:cd c:\windows\system32dir userinit.exeNote the file size please & report that back to me. Leave cmd open a sec.Back at the cmd window...Type:cd dllcachedir userinit.exedir spoolsv.exeNote file sizes & report that back to me.Type exit in the CMD window & hit enter. (this closes it)3.) Can you see also if you can get this program installed please:http://download.bleepingcomputer.com/hijac.../HJTInstall.exeSave file> run it> follow prompts to install excepting defaults.Allow it to "launch" hijackthis.Click the "Do a System Scan and Save a Log File" optionSave the log file and then it should open with NotepadGo to Edit, Select All and then Edit, Paste to paste the contents of the log hereLet me know if you had any problems with the above please.I advise keeping the system offline as much as possib... Read more

3 more replies
Relevance 47.56%

Microsoft said:

A view of the current landscape
Criminal attacks continue to evolve and malware has become their standard weapon against anyone who uses the Internet?on traditional form-factor devices, as well as on mobile devices like tablets and phones. Malware targets all operating systems and browsers, and in recent years, criminal attacks against applications have increased substantially.

Criminals also use social engineering to trick you into performing actions that put you at risk. An increasingly common social engineering strategy uses online advertising campaigns to lure you to a site that installs malware on your computer.

An economy has developed around building reliable vulnerability exploits, which criminals buy to help distribute their malware. Criminals make money from their malware, so they invest in ways to keep it alive such as producing a higher quantity of malware, updating it more frequently?e.g. multiples times each day?and increasing its size and complexity. Some malware is as complex as commercial applications.

Secure by design
We use the Security Development Lifecycle (SDL) to build Windows with the best security design, development and testing practices available. Some highlights include:
Threat modeling and security design reviews. During the design process we consider how criminals might seek to attack features and scenarios, and incorporate this analysis into our designs.
Writing secure code. Training and code quality tools help to pre... Read more

Answer:Windows 8 will better protect users from malware

Well its like malware writers would take time to discuss how they will bypass those features. Its like Windows 8 were built in security and could led to few vulnerability probably.
 

6 more replies
Relevance 47.56%

If you know about security in website and computer then tell me how to secure Website from Malware Attack. And what is the role of Google Webmaster in security purpose?
 

More replies
Relevance 47.56%

Hello,I recently managed to aquire a virus that seems to have taken over my computer. There's a bar that appears right below the address bar for internet explorer telling me to download the latest antispyware to protect my computer. I cannot pull up my Task Manager, my computer prompts me that it has been disabled by my administrator. My desktop background has been changed to a message stating the computer has several fatal errors. and occasionally music will play at random that i've never heard before.here is my log:Deckard's System Scanner v20071014.68Run by Josh UWL on 2008-04-09 16:35:51Computer is in Normal Mode.---------------------------------------------------------------------------------- System Restore --------------------------------------------------------------Successfully created a Deckard's System Scanner Restore Point.-- Last 5 Restore Point(s) --49: 2008-04-09 21:36:32 UTC - RP521 - Deckard's System Scanner Restore Point48: 2008-04-08 16:12:26 UTC - RP520 - Restore Operation47: 2008-04-08 16:08:59 UTC - RP519 - Last known good configuration46: 2008-04-08 16:08:42 UTC - RP518 - Restore Operation45: 2008-04-08 16:08:41 UTC - RP517 - Last known good configuration-- First Restore Point -- 1: 2008-04-08 16:08:11 UTC - RP473 - System CheckpointBacked up registry hives.Performed disk cleanup.Percentage of Memory in Use: 85% (more than 75%).Total Physical Memory: 447 MiB (512 MiB recommended).-- HijackThis Clone --------------------------------------------------... Read more

Answer:Protect.antivirus Malware Infection

Hi and welcome to Bleeping Computer! My name is Sam and I will be helping you. Please download ComboFix and save it to your desktop.Prior to running Combofix.exe you should disable your antivirus program and disconnect from the internet.Double click combofix.exe and follow the prompts.When it's done running it will produce a log for you. Please post that log in your next reply.Important Note - Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

10 more replies
Relevance 47.56%

I just got my degree and have not been able to find work so I can only thank all the people at MajorGeeks.
I am 'Gunk Free' but was reading the chaslang's post "dated 10-10-04, 21:52, How to Protect yourself from malware! - MajorGeeks Support Forums"; and under the firewalls to use "Outpost Firewall Free" is listed when I went to download it, it is Dated: 2009-05-08 is it still a good firewall to use?
Thank you in advance for your help.

At a point in time I was 01 of them that understood some binary.
 

Answer:How to Protect yourself from malware! post question

Yes, it is still a good firewall. Just make sure you keep it updated as you would with all other protection software.
 

1 more replies
Relevance 47.56%

Hey!
I am a web designer and I just got permission to work from home for the next week. I am allowed to take my work laptop home for it. I would like some advice regarding the security concerns before I start the work.
I have heard about spyware and malware attacks that can cause severe loss of data. I don't want such things happening to me in my work system. As of now it's clean and no malicious files are present in the system. It's installed with Kaspersky Internet Security and ExpressVPN when connecting to the Internet. Will it help in protection from spyware and malware? I have seen articles mentioning not clicking on emails and installing antivirus softwares will help, but still I have heard a lot about such attacks. What else can I do to ensure nothing harmful will happen?
 

Answer:Will Kaspersky and VPN protect from malware attacks?

It being a work laptop, you shouldn't replace any of the pre-installed software, correct?
 

3 more replies
Relevance 47.56%

I am getting three screens that come up when ever I try to do work on any program. (1) Windows Security alert (2) Spyware Protect 2009 alert (3) Spyware Alert

DDS (Ver_09-02-01.01) - NTFSx86
Run by Kim at 10:54:20.07 on Thu 02/19/2009
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.2430.1853 [GMT -5:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated)

============== Running Processes ===============

J:\WINDOWS\system32\Ati2evxx.exe
J:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
J:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
J:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
J:\WINDOWS\system32\Ati2evxx.exe
J:\WINDOWS\Explorer.EXE
J:\WINDOWS\system32\spoolsv.exe
J:\Program Files\McAfee.com\Agent\mcagent.exe
J:\WINDOWS\svcho.exe
J:\Program Files\AIM6\aim6.exe
J:\Program Files\Windows Live\Messenger\msnmsgr.exe
J:\Program Files\Messenger\msmsgs.exe
J:\WINDOWS\sysguard.exe
J:\Program Files\AIM6\aolsoftware.exe
J:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
j:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
j:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
J:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
J:\Program Files&... Read more

Answer:Spyware Protect 2009 malware

Hi,

Sorry for delayed response. Forums have been really busy. If you still need help with this post a fresh dds log, please.

2 more replies
Relevance 47.56%

Malware Protection is a rogue anti-virus application that runs a fake system scan and then concludes that your computer has a malware infection or serious security/privacy issues. To fix the malware infection you must pay a fee, about $50. The rogue program copies user interface elements from real programs and it looks like a legitimate application. Plenty of people shell out $50 to register this fraud and that's a big problem because if you're transacting with these guys online you're offering them your credit card details. Cyber criminals can later user that information to their benefit. You should protect yourself with common sense and legitimate anti-virus software because such fake anti-virus applications as Malware Protection now represent about 20% of all malware in circulation. If you made a mistake and purchased it, please contact your credit card company and dispute the charges. And if you still have this fake AV on your computer, please follow the removal instructions below to remove Malware Protection and related malware for free.

Manual Malware Protection removal instructions:

1. Right click on the "Malware Protection" icon, click Properties in the drop-down menu, then click the Shortcut tab.

The location of the malware is in the Target box.

NOTE: by default, Application Data folder is hidden. Malware files are hidden as well. To see hidden files and folders, please read Show Hidden Files and Folders in Windows.

Under the Hidden f... Read more

Answer:How to protect and clean your computer from malware

Is this a removal guide for this rogue or ?

 

1 more replies
Relevance 47.56%

QUESTION _Sticky:" How to Protect yourself from malware! "

In the below instructions, Is it necessary if I *NEVER* use IE, only Firefox?

Thanks!


"6) Adjust Active X security settings

* In Internet Explorer, click Tools, Internet Options, Security. Click on the Internet globe. Then select Default Level, then click OK. Now select Custom Level and scroll down to the ActiveX controls and plug-ins section (some may already be set correctly):
o Set Download signed Active X controls to Prompt
o Set Download unsigned Active X controls to Disable
o Set Initialize and Script ActiveX controls not marked as safe to Disable
o Set Installation of desktop items to Prompt
o Set Launching programs and files in an IFRAME to Prompt
o Set Navigate sub-frames across different domains to Prompt
o Set Allow paste operations via script to Disable (see: http://support.microsoft.com/kb/224993 )
o Click OK and OK again. "
 

Answer:QUESTION _Sticky: How to Protect yourself from malware!

Re: QUESTION _Sticky:" How to Protect yourself from malware! "



jilter said:





In the below instructions, Is it necessary if I *NEVER* use IE, only Firefox?Click to expand...

Yes! Some applications will automatically launch IE sessions since that may be all the can use. Also you need to use IE to be able to get all of your Windows Updates. And some websites (just like some applications) do require IE.
 

1 more replies
Relevance 47.56%

Topic title pretty much says it all. How can i prevent hijacking of my browser or even worse my entire computer? Last night i made a stupid move and attempted to download something off Pirate Bay, i read the comments and it looked legit. Since i didn't have a software that downloads the torrent i clicked on whichever one Pirate Bay offered me. The software was successfully installed and was downloading the program but it froze the halfway and my google chrome completely stopped working, Later on i found out that Conduit is a malware that sometimes installs itself without the user's permission and takes over the browser. Now i'm paranoid about downloading anything. By the way i have a supposedly good anti-virus : Bitdefender for which i paid good money! Very disappointed that it pretty much welcomed the bad malware with open hands and allowed it install itself. 

Answer:How to protect your computer from malware like CONDUIT??

attempted to download something off Pirate Bay : < Anything off these Torrents sites is 50 to 90% infected and not usually legalWinPatrol Free is one of the better programs to warn you if there is going to be an attempt to change your Home Page. This may help after you do a full scan with your Antivirus -Please download AdwCleaner by Xplode onto your desktop.*Close all open programs and internet browsers.*Double click on adwcleaner.exe to run the tool.*Click on Delete.*Confirm each time with Ok.*Your computer will be rebooted automatically. A text file will open after the restart.*Please post the contents of that logfile with your next reply.*You can find the logfile at C:\AdwCleaner[S1].txt as well.  Thank You -  

1 more replies
Relevance 47.56%

If I visit a malware site with latest version of Firefox with the NoScript extension without allowing any scripts, whats the chance of me getting infected if I don't download anything?
 
Also, I hope this is the right place to post this.

Answer:Will using NoScript protect you from a malware site if..?

COPIED FROM NoScript:
The NoScript Firefox extension provides extra protection for Firefox, Seamonkey and other mozilla-based browsers: this free, open source add-on allows JavaScript, Java, Flash and other plugins to be executed only by trusted web sites of your choice (e.g. your online bank).
NoScript also provides the most powerful anti-XSS and anti-Clickjacking protection ever available in a browser.
NoScript's unique whitelist based pre-emptive script blocking approach prevents exploitation of security vulnerabilities (known and even not known yet!) with no loss of functionality...
You can enable JavaScript, Java and plugin execution for sites you trust with a simple left-click on the NoScript status bar icon (look at the picture), or using the contextual menu, for easier operation in popup statusbar-less windows.Watch the "Block scripts in Firefox" video by cnet.
 
If I were using Windows and could only have one security program/ add-on....it would be NoScript. I use it in Ubuntu, too.
There is a learning curve. It is not just install and forget. Install it and go to a popular site and then view all the scripts you never knew
were active on that site and are now blocked from running. You can click to allow just the site's scripting and still block all the others.
The ones that you want to play videos on will be one that you will spend the most time learning which script to allow only the videos to play.

11 more replies
Relevance 47.56%

Will Ad-Aware only detect the malware in its definitions during a scan, or does it also prevent it from being installed on your computer in the first place? What about A2? Many thanks. - Tye

Answer:Does Ad-Aware protect your computer from malware?

No on both counts. Try Spywareblaster click here

3 more replies
Relevance 47.56%

Hello,
My son went to an untrusted site and the computer was infected with the conduit searchprotect.  I tried removing it with Eset Home Security.
 
However, my PC is still acting strange. I think the internet is a bit slower. As well, when I try to run some .exe files, such as Eset's ERARemover tool, windows gives me an error "this app can't run on your PC".  I have windows 8.1 64-bit and have tried both 32bit and 64bit programs.
 
I can't attach a DDS log because it's now win8.1 compatible.
 
thanks.

Answer:Conduit Search Protect and other malware?

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===These tools are compatible with your operating system.Download Malwarebytes' Anti-Malware from HereDouble-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).The scan may take some time to finish,so please be patient.If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.The log is automatically saved by MBAM and can also be viewed by click... Read more

8 more replies
Relevance 47.56%

I have somehow acquired some malware titled system tool protect your pc. It comes up randomly, asks if I want to scan, says I have over 800 Infections, and constantly prompts me to sign up for it to erase my viruses. I know this is malware, and I aquired it after my Norton expired. How can I remove it? Thank you!

I am using a Hp Pavilion Vista.
 

Answer:System Tool Protect your pc (malware)

Welcome to Major Geeks!

Please read ALL of this message including the notes before doing anything.

Pleases follow the instructions in the below link:

READ & RUN ME FIRST. Malware Removal Guide


and attach the requested logs when you finish these instructions.

**** If something does not run, write down the info to explain to us later but keep on going. ****
Do not assume that because one step does not work that they all will not. MGtools will frequently run even when all other tools will not.


After completing the READ & RUN ME and attaching your logs, make sure that you tell us what problems still remain ( if any still do )!
Helpful Notes:


If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:

Starting your computer in Safe mode

If you have problems downloading on the problem PC, download the tools and the manual updates for SUPERAntiSpyware and Malwarebytes ( links are given in the READ & RUN ME) onto another PC and then burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.
If you cannot seem to login to an infected user account, try using... Read more

1 more replies
Relevance 47.56%

hello friends-i hope my title makes some sense. i wanted it to convey what i was asking about so people browsing could tell. cuz i couldn't find a question like mine.

i have a new hd completely installed and setup. my old hard drive is now the secondary master and although i still have the OS and programs installed, i never use it. lately i have been actively file-sharing via lime wire. i am behind a zone alarm firewall and running spyware blaster and AVG free. i also regularly scan with spybot S&D. i also scan each file with AVG b4 opening (thanks to majorgeeks for advising me on security)
however, i've been warned the limewire is notoriously risky as far as spyware etc. so my question is:

If i choose to open my secondary OS at start up, and browse and download these risky files to my secondary HD. will that protect my primary HD from infection?

if not, any other advice u have regarding the risks of file sharing are appreciated.

one thing i look out for is files that are too small to contain what they say they do. for example 100kb song files. i just dont download these.
 

Answer:2nd HD for dwnlds/protect primary from malware?

IMHO, I keep an operating system and a backup drive, without an operating system. Just put it on the same cable as primary slave. Frankly, if you are not dual booting 2 operating systems, theres no need to keep them both installed. That said, no any files on a second drive can, and probably will, affect the main drive, in your case, probably infect both drives. A drive formatted without an operating system for backup should be safe from virus and spyware infections, but can affect the other drive, in other words. Having that second drive is great for backups of important data in case of a need to format. I love having my spare drive. Your also correct about Limewire, but it is not specific to Limewire. Any file sharing application is a risk.

Did I answer what you needed?
 

2 more replies
Relevance 47.56%

Hi! I've been struggling with a win32Agent.frl trojan for a while now.

I tried several malware removal programs including Spybot (which always could find it but never really remove it). Nothing really wored. I rebooted the pc I'm not sure for how many times, but now somehow Spybot cant even find it anymore.

My question is could this trojan all the sudden be hiding somewhere else now? Meaning out of reach for Spybot to find it?

I ran a Hijackthis scan BEFORE but also AFTER its disappearance

I would appreciate all kind of help! Thanx in advance!

Answer:Win32agent.frl Spybot Removal?

Hello tamtum,

I apologise for the delay the forum is busy.

If you stilll need help, post a new HijackThis log.
Please post it normally, and not as an attachment.

2 more replies
Relevance 47.56%

Since my new hard disk was installed I have been plagued by the W32.spybot.worm which is in msnmsgrr.exe and servicelog.exe and which Norton cannot delete, inspite of updated files.I am trying to follow the directions on the Symantec site, but am stuck on the registry editing section. To begin with I cannot find a copy of windows backup on my Mesh emergency disk supplied with the disk. Secondly, when I go into the registry I am told to Navigate to the key:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunIn the right pane, delete the values:"msmanager32"="%System%\clients\faxclient\drivers"and:"Winsock2 driver" ="SDJOIJE.EXE" Navigate to the key:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceIn the right pane, delete the value:"Winsock2 driver" ="SDJOIJE.EXE" Now, following the paths, none of the files listed are there. There *are* msnmsgrr.exe and servicelog.exe files. Is it OK to delete these files? They are the ones which contain the worm, according to the Norton Virus check. The folder RunOnce does not contain the 'winsock2driver etc'. But I still have the Norton Antivirus window telling me that Norton has detected a virus in c:\windows\system32\msnmsgmgrr.exe. Clicking on OK just makes the window jump to another part of the screen.Is it OK to delete the msnmsgmgrr.exe and servicelog.exe files?Incidentally, the virus does not seem to be passing on to my email contacts or web forums (I hope not!).This isn't anything to do with the Spybot p... Read more

Answer:W32.Spybot.Worm removal

click here this may help,good luck

5 more replies
Relevance 47.56%

Hi,

Im not sure this is the right forum since i didn't get to the Hijackthis-step on greyknights' tutorial.

I ran bitdefender online, panda online, and trendmicro online, just to be sure.

The last one (trendmicro) says it found a trojan/worm but doesn't specify which file(s) were affected or give any other synonyms for the virus so i could do a search

a search on worm spybot-b7 gives me nothing.

Norton Antivirus off course didn't help at all, its not even detecting the virus with fully updated definitions...

Can anyone give me a clue where to look next?

thanks in advance

Answer:worm spybot b-7 removal

Hello Cardflopper and Welcome to the Security Center!

If viruses, trojans or malware are your problem, then you've come to the right place. Let's take a look at your system and see how things are going!

Please download HijackThis http://www.greyknight17.com/spy/HijackThis.exe - this program will help us determine if there are any spyware/malware on your computer. Create a folder at C:\HJT and move HijackThis.exe there. Double click on the program to run it.

1. If it gives you an intro screen, just choose 'Do a system scan and save a logfile'.
2. If you don't get the intro screen, just hit Scan and then click on Save log.
3. Do not fix anything in HijackThis since they may be harmless.

Once you have the logfile saved, download and run KRC HijackThis Analyzer in the same folder to get the result.txt log. Just post the contents of the result.txt file in your next reply.

Please run an online virus scan at Panda ActiveScan. Save the results and bring them with you in your next post.

6 more replies
Relevance 47.56%

Is there a Spybot removal tool?
 

Answer:spybot removal tool?

walkbyfaith said:





Is there a Spybot removal tool?Click to expand...

Welcome aboard, no need for any tools, just delete it from Add/Remove and clear the hosts file. Can I ask why you want to do this? Is it because of Teatimer?
 

1 more replies
Relevance 47.56%

ok i installed then removed program but a folder has been left on desktop saying spybotsd160.if i try to delete it it says in use and wont allow me to remove.how do i remove this folder.

Answer:removal of spybot problem

Have vyou tried CCleaner

3 more replies
Relevance 47.56%

While wireless in a hotel i picked up Win32.Agent.pz and Win32.zbot on my notebook. I found them after doing an AVG scan which didnlt say anything about them and Spybot which found them. It asked if I wanted to remove them and I said yes. My question is "does SpyBot remove the Trojan completely or should I download a removal programmee.g. scanforfree.comSubsequent scans don't reveal anything. ThanksPaul2008

Answer:Trojan removal with SpyBot

It should be clear now - but just to be safe you could download, update and run Malwarebytes (free version) from click hereYou could just run the Quick scan - if that's clear you should be fine. If it finds anything then remove, and then run the Full scan.

1 more replies
Relevance 47.56%

Apologies, but i'm a bit of a novice. my computer did a scan when i started it and came up with some trojans. when i tried to delete them, a malware removal programme tried to install itself so i closed the download dialog box. unfortunately, i cannot remember the name of the software that was trying to install itself. please would you review my log below and help me clean my computer?

many thanks
---------------------------------------------------------------

DDS (Ver_09-12-01.01) - NTFSx86
Run by 0 at 19:57:35.67 on 02/01/2010
Internet Explorer: 7.0.6001.18000
Microsoft? Windows Vista? Home Premium 6.0.6001.1.1252.44.1033.18.3000.1826 [GMT 0:00]

SP: Spybot - Search and Destroy *enabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows&... Read more

Answer:attempted removal of trojans try to install "malware removal software

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

2 more replies
Relevance 47.56%

Did you ever hired about MTR - Malware Thread Remover
Or some ?
It's local softwere for fix PC and defense against malicious software it s used in
3 -shools
10- small corps
And about 200 home ushers
I can find the website or there is none
I just meet that person his name is Peiet
And he is from I don't know where I didn't remember it I think Macedonia or bostna and Hercegovina
I am waiting for an email from him for giving me a demo of it .
If you know something more tell me !

Peace
 

Answer:MTR - Malware Thread Remover

h00lks said:


Did you ever hired about MTR - Malware Thread Remover
Or some ?
It's local softwere for fix PC and defense against malicious software it s used in
3 -shools
10- small corps
And about 200 home ushers
I can find the website or there is none
I just meet that person his name is Peiet
And he is from I don't know where I didn't remember it I think Macedonia or bostna and Hercegovina
I am waiting for an email from him for giving me a demo of it .
If you know something more tell me !

Peace Click to expand...

....You probably mean that this person is from Skopje or Bosnia and Herzegovina
Because it is impossible a person with the name Peiet to come from Macedonia, otherwise he would have Greek name..
 

5 more replies
Relevance 47.56%

Having hit an email virus on our laptop, I was desperately looking for expert advice on scanning and cleaning computers. Googling anything to do with malware will attract the bad guys as much as genuine help, so it was a difficult choice. After reading some review and forum posts I decided to put my trust in bleepingcomputer and signed up. I received great advice from Broni and hopefully now can enjoy a clean laptop again.
 
Coming back here to improve my knowledge on malware I browsed some forum topic and when opening "Attempted to run GMER..." a popup window appeared asking:
 
"Do you want to update your Adobe Reader?"
 
That looked very suspicious. This is new Win7 machine freshly built with only MSE, MBAM and SBIE installed. I was inside the Sandbox so killed everthing straight away.
 
Can this thread be compromised? is my brand new machine compromised or what else?
 

Answer:Malware on bleepingcomputer.com thread?

Hi -Any new computer that is just set up may not have all of the software updated. Please run this quick scan first ang we can see -It may, or may not give you a warning, but that only depends on your Security settings and programs. See my NOTES - It is 100% safe - Download Screen317Security Check from Here and save it to your Desktop.* Double-click SecurityCheck.exe* Follow the onscreen instructions inside of the black box.* A Notepad document should open automatically called checkup.txt;* Please Copy / Paste the contents of that document back here. NOTE 1. If one of your security applications (e.g., third-party firewall, etc) requests permission to allow DIG.EXE (or a similar file) access the Internet, allow it to do so.NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me. Thank You -

4 more replies
Relevance 47.56%

My computer is running sluggishly. I have installed Windows 10 (I believe about 3 weeks ago) which may be part of the issue. I also believe my computer may have been without virus protection for a couple days (subscription for Norton expired). When I try opening mozilla firefox, the browser freezes a lot and makes it difficult to perform simple tasks. My computer has a quad core processor, 16 gb ram, etc. so it should not be slowed down by menial tasks. Start up takes quite a bit longer than it previously did (maybe partially due to Windows 10 upgrade?).

Thank you in advance for your help!

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.10240.16412 BrowserJavaVersion: 11.45.2
Run by Chris at 18:37:06 on 2015-09-10
Microsoft Windows 10 Home 10.0.10240.0.1252.1.1033.18.8161.5456 [GMT -4:00]
.
AV: Norton 360 Premier *Enabled/Updated* {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Ad-Aware Antivirus *Disabled/Outdated* {B0CC18C6-E527-6EE6-874C-9D19920E5619}
SP: Ad-Aware Antivirus *Disabled/Outdated* {0BADF922-C31D-6168-BDFC-A66BE9891CA4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Norton 360 Premier *Enabled/Updated* {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Ad-Aware Firewall *Disabled* {88F799E3-AF48-6FBE-AC13-342C6CDD1162}
FW: Norton 360 Pre... Read more

Answer:Malware help thread went inactive

one other issue, my computer used to sleep after 30 minutes automatically, it will not do that since upgrading to Windows 10. This may be unrelated to the sluggishness, but wanted to add it just in case.

7 more replies
Relevance 47.56%

I started a thread and posted the scan results asked for and received a message that my post should be here. Here is the original thread (titled Windows Repair pre-repair log) with the scan results:

http://forums.majorgeeks.com/showthread.php?t=291340


I have since been able to download Malwarebytes by using Chameleon and ran it - it found no Malware.

I also didn't post the TDSS results as it also did not find anything. I have done nothing else or tried to fix anything per instructions.

Thanks for any help!
 

Answer:Malware help - moved thread

Your problems may not be due to malware, but I see some junk to cleanup so let's take care of this and see what happens.

Rerun Hitman Pro and the allow it to cleanup all the Malware remnants and Potential Unwanted Programs that it reported. Reboot immediately after.

After reboot please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
The tool will open and start scanning your system.
Note: That JRT may reset your home page to a google default so you will need to restore your home page setting if this happens.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Attach JRT.txt to your next message.

How is your PC working now?
 

8 more replies