Computer Support Forum

How to protect yourself from malware (for Vista)

Question: How to protect yourself from malware (for Vista)

Hello,

Is there any thread for "How to protect yourself from malware (for vista)" as the one written by chaslang for windows xp.

Another question plz. Is there any site to give ranking for antivirus softwares like matousec for pro-active internet security softwares.

Also kindly tell me plz that avast antivirus is better or comodo internet security with antivirus is better.

Thanks.

Relevance 100%

Answer: How to protect yourself from malware (for Vista)

ablaze said:
Is there any thread for "How to protect yourself from malware (for vista)" as the one written by chaslang for windows xp.

It was not written for Win XP. It is for all versions of Windows, although obviously there is more in there that relates to WinXP and older since they have been around longer.

ablaze said:
Another question plz. Is there any site to give ranking for antivirus softwares like matousec for pro-active internet security softwares.

You should ask in the Software Forum. But reviews of AVs are typically out of date by the time they are published. This happens because many programs update 3 to 5 times per day and even just one update can drastically improve or reduce an AV's test score.

ablaze said:
Also kindly tell me plz that avast antivirus is better or comodo internet security with antivirus is better.

You are not comparing apples to apples. Avast is just an antivirus. Comodo Internet Security includes all of the below:

firewall
antivirus
Host Intrusion Protection System (HIPS)
BOClean Anti-Malware is not being included in CIS

3 more replies
Relevance 52.48%

Ok this is weird. I run Ntl netguard, and Spyware Doctor. A few days ago, SpyDoc refused to auto update. Nothing strange thought I, site must be down.

Well it's been four days now. Then I noticed I couldn't connect to Microsoft to do updates either. On further investigation, I found I can't connect to ANY legit malware sites. I have run Spybot, Ntl netguard, Malware Byte's anti malware, and Norton AV, none found anything wrong.

However, I tried setting up a proxy within Firefox, and CAN connect to the sites I couldn't otherwise. (albeit incredibly slowly).

As things stand, I can't update any malware software, and assume my poor PC must have caught something new and nasty.

Please help

Hi jack this follows:-


Answer:Help Pls! Can't update Malware Protect or Visit Any Malware Sites

sorry, bump
 

2 more replies
Relevance 48.79%

I just bought a new PC. I have a couple of questions from the 'How to protect yourself from malware' thread.

My PC is running Windows 7.

In the Firewall section it doesn't say if the Windows 7 firewall is sufficient? If it isn't I will download Outpost Firewall and disable the Windows one.

In the Antispyware tools I downloaded Microsoft Security Essentials for Windows 7. Since I also downloaded Avast as my antivirus, is it OK to run both of these?

In the disable the autoruns feature there is no update for Windows 7?
 

Answer:How to protect yourself from Malware

avilo4u said:
In the Firewall section it doesn't say if the Windows 7 firewall is sufficient? If it isn't I will download Outpost Firewall and disable the Windows one.

While the Windows 7 firewall is better than what was in previous versions of Windows, it is still very inadequate.

avilo4u said:
In the Antispyware tools I downloaded Microsoft Security Essentials for Windows 7. Since I also downloaded Avast as my antivirus, is it OK to run both of these?

No! MSE is an antivirus and antispyware. So is Avast. You can only have one of them installed.

avilo4u said:
In the disable the autoruns feature there is no update for Windows 7?

Microsoft has never updated their info ( from here http://support.microsoft.com/kb/967715 ) for Windows 7 so I'm not sure if everything that is used for Vista would apply.

You can just run this >> Autorun Eater
 

6 more replies
Relevance 48.79%

Something (Malware ? ?) locked up my PC (Windows XP). I got a pop up message that my PC was infected and click "yes" to buy an AV program. I did not click "Yes", but every program I tried to run came up with the same message. I took it where I bought it and they fixed it by cleaning my hard drive and re-loading my OS. Fortunately, I had BU'd my personal files. They called the problem an "intercept". Norton AV did not catch it. They also loaded "Malwarebytes" for me.

What is the best way to protect for this kind of problem ?
 

Answer:How to protect against Malware ?

Welcome to Major Geeks!

Please read ALL of this message including the notes before doing anything.

Please follow the instructions in the below link:

READ & RUN ME FIRST. Malware Removal Guide


and attach the requested logs when you finish these instructions.

**** If something does not run, write down the info to explain to us later but keep on going. ****
Do not assume that because one step does not work that they all will not. MGtools will frequently run even when all other tools will not.


After completing the READ & RUN ME and attaching your logs, make sure that you tell us what problems still remain ( if any still do )!
Helpful Notes:


If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:

Starting your computer in Safe mode

If you have problems downloading on the problem PC, download the tools and the manual updates for SUPERAntiSpyware and Malwarebytes ( links are given in the READ & RUN ME) onto another PC and then burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.
If you cannot seem to login to an infected user account, try using... Read more

1 more replies
Relevance 48.79%

How would you protect yourself from a fud?
 

Answer:How to protect yourself from a FUD malware?

LukeNukesEm said:
How would you protect yourself from a fud?

Supplement your security with something besides signatures.
 

34 more replies
Relevance 48.79%

Make sure you get your system protected from occurrences of malware problems. Below are some simple steps you can take to reduce the chance of infection in the future. I strongly encourage you to do them all. There is no perfect solution for totally preventing malware from getting on your PC, however, these steps will help.

Please do not make the false assumption that this thread is old or out of date based on the date the thread was started ( 10-10-04 21:52 ). Look at the Last Edited date at the bottom of this message as this procedure does evolve with time.

IMPORTANT NOTE: It is getting more and more difficult to find real true freeware these days that does not include bundleware, toolbars...etc and junk you just don't want. Make sure you pay attention during installation of anything you download and read license agreements. Be sure to uncheck check boxes for the bundleware and toolbars where you can so that you opt out because the defaults are always to opt in.


1. Visit Windows Update: Make sure that you have all the Critical Updates recommended for your operating system and IE. The first defense against infection is a properly patched OS. For anyone who is not yet running at least Windows 7 (which you really should be running at a minimum if your PC supports it) see the below link before updating. Note: Windows XP is no longer supported by Microsoft and is hence a security risk.

Windows 7 Upgrade Advisor
You should check for Windows Updates at least once a ... Read more

More replies
Relevance 48.38%

We maintain several PCs from a library, a research lab for students in a university. Just recently bunch of malwares swarm inside the lab and nearly affected all the machines. Most of these malwares are being imported from student's flash drives in which they're freely allowed to plug on the PC's. So cleaning the infections was really tedious. We cloned the drives and some were fixed using anti-malware softwares. 
 
Each computer is running a Microsoft Security Essentials for virus protection, and that's it.

Our main problem is, how should we setup each PCs so that we can prevent those viruses from porting inside the system? Is there any particular software or windows configurations that can offer such functionality? MSE merely detects all these viruses and most of it already infiltrated the system and removing each as I said is very tedious and time consuming.
Maybe you guys got some efficient workarounds with this type of predicament.

NOTE:
All PCs have the same hardware and uses Windows 7 32bit.
 

Answer:How to protect PCs from USB-malware carriers?

Simple, look at:
 
http://www.bleepingcomputer.com/forums/t/541639/security-suggestions-post-3-of-7/
 
Have a great day!

 

11 more replies
Relevance 48.38%

I have read this thread http://forums.majorgeeks.com/showthread.php?t=44525 and I am paying particular attention to #5 AntiSpyWare Tools, and it states ONLY USE 1 REALTIME BLOCKER. So my question is, I use ESET's NOD32 Antivirus to protect my machine, but it has antispyware protection included. I also have Malwarebytes Pro providing real time blocking, so am I in effect using more than 1 realtime blocker? If so what do I do about that? I paid for Malwarebytes Pro, not using it will defeat its purpose and be considered a waste of money!
 

Answer:How to Protect yourself from malware Thread

You're fine. One AV only, but you can have more than one AS (Anti-spyware ).
 

3 more replies
Relevance 48.38%

I continue to get the "SysProtect" download window on both I.E. and Mozilla. Followed your steps listed to clean my system, but same "Virtumonde" files appear each time I run Ad-Aware. Here is the Hi-Jack this log (after running Ad-Aware, see end of log for HijackThis log generated after restarting computer w/o running Ad-Aware):

Answer:Malware - Virtumonde & Sys Protect?

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order in which they are mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes.

Step #1
Scan again with HijackThis and check the following items:

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R3 - URLSearchHook: (no name) - ~CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: WTLHelper Object - {6D33B121-5C4C-4450-9D1F-7B67085CC199} - C:\WINDOWS\system32\jkhhe.dll
O20 - Winlogon Notify: jkhhe - C:\WINDOWS\system32\jkhhe.dll

After checking these items, close all browser windows except HijackThis and click "Fix checked".

Step #2
Please download VundoFix.exe to your desktop.
Double-click VundoFix.exe to run it.
Put a check next to Run VundoFix as a task.
You will receive a message saying vundofix will close and re-open in a minute or less. Click OK
When VundoFix re-opens, click the Scan for Vundo button.
Once it's done scanning, click the Remove Vundo button.
You will receive a prompt asking if you want to remove the files, click YES
Once you click yes, your desktop will go blank as it starts removing Vundo.
When completed, it will prompt that it will shutdown your computer, click OK.
Turn your computer back on.

Please go HERE to run Panda's ActiveScan
Once you are on the Panda site click the ... Read more

7 more replies
Relevance 48.38%

Hello - First, let me say thank you for helping me rectify a really poor choice of opening software I wasn't 100% certain was verifiable. As a result I have the Virus Protect Pro problem (at a minimum) which seems to tie up my machine a lot and causes problems with my wireless network adapter. I have used Spybot and Adware to no avail. I've copied and pasted the Hijack This log below and won't make any changes until I hear from you.
With great thanks for your help!
K


More replies
Relevance 48.38%

Hi. I am rather a person with basic knowledge about computers so don't be surprised if my question will sound stupid to you.
I have a Windows PC and I often use my thumb drive to print some documents in my university. I'm afraid that it will become infected someday so I thought it would be a good idea to use it only with Puppy Linux when I'm at home. This is why I made my thumb drive a bootable one with Puppy on board. What I want to do is to boot to Puppy, copy the files I need to print or use at the university to the USB drive, then close the system and disconnect the USB drive. To be clear, only one USB stick is involved in this process (Puppy and data are on the same USB stick). Would that prevent infecting my Windows PC? If not then how can I avoid viruses spreading through USB? Can malware do any harm to Windows OS when Puppy is booting?
 

Answer:Can puppy protect me from malware?

Good idea if I understood correctly
 

7 more replies
Relevance 47.56%

If you know about security in website and computer then tell me how to secure Website from Malware Attack. And what is the role of Google Webmaster in security purpose?
 

More replies
Relevance 47.56%

I am getting three screens that come up when ever I try to do work on any program. (1) Windows Security alert (2) Spyware Protect 2009 alert (3) Spyware Alert


Answer:Spyware Protect 2009 malware

Hi,

Sorry for delayed response. Forums have been really busy. If you still need help with this post a fresh dds log, please.

2 more replies
Relevance 47.56%

Will Ad-Aware only detect the malware in its definitions during a scan, or does it also prevent it from being installed on your computer in the first place? What about A2? Many thanks. - Tye

Answer:Does Ad-Aware protect your computer from malware?

No on both counts. Try Spywareblaster click here

3 more replies
Relevance 47.56%

hello friends-i hope my title makes some sense. i wanted it to convey what i was asking about so people browsing could tell. cuz i couldn't find a question like mine.

i have a new hd completely installed and setup. my old hard drive is now the secondary master and although i still have the OS and programs installed, i never use it. lately i have been actively file-sharing via lime wire. i am behind a zone alarm firewall and running spyware blaster and AVG free. i also regularly scan with spybot S&D. i also scan each file with AVG b4 opening (thanks to majorgeeks for advising me on security)
however, i've been warned the limewire is notoriously risky as far as spyware etc. so my question is:

If i choose to open my secondary OS at start up, and browse and download these risky files to my secondary HD. will that protect my primary HD from infection?

if not, any other advice u have regarding the risks of file sharing are appreciated.

one thing i look out for is files that are too small to contain what they say they do. for example 100kb song files. i just dont download these.
 

Answer:2nd HD for dwnlds/protect primary from malware?

IMHO, I keep an operating system and a backup drive, without an operating system. Just put it on the same cable as primary slave. Frankly, if you are not dual booting 2 operating systems, there's no need to keep them both installed. That said, no, any files on a second drive can, and probably will, affect the main drive, in your case, probably infect both drives. A drive formatted without an operating system for backup should be safe from virus and spyware infections, but can affect the other drive, in other words. Having that second drive is great for backups of important data in case of a need to format. I love having my spare drive. You're also correct about Limewire, but it is not specific to Limewire. Any file sharing application is a risk.

Did I answer what you needed?
 

2 more replies
Relevance 47.56%

Hey!
I am a web designer and I just got permission to work from home for the next week. I am allowed to take my work laptop home for it. I would like some advice regarding the security concerns before I start the work.
I have heard about spyware and malware attacks that can cause severe loss of data. I don't want such things happening to me in my work system. As of now it's clean and no malicious files are present in the system. It's installed with Kaspersky Internet Security and ExpressVPN when connecting to the Internet. Will it help in protection from spyware and malware? I have seen articles mentioning not clicking on emails and installing antivirus softwares will help, but still I have heard a lot about such attacks. What else can I do to ensure nothing harmful will happen?
 

Answer:Will Kaspersky and VPN protect from malware attacks?

It being a work laptop, you shouldn't replace any of the pre-installed software, correct?
 

3 more replies
Relevance 47.56%

I have somehow acquired some malware titled system tool protect your pc. It comes up randomly, asks if I want to scan, says I have over 800 Infections, and constantly prompts me to sign up for it to erase my viruses. I know this is malware, and I acquired it after my Norton expired. How can I remove it? Thank you!

I am using a Hp Pavilion Vista.
 

Answer:System Tool Protect your pc (malware)

Welcome to Major Geeks!

Please read ALL of this message including the notes before doing anything.

Please follow the instructions in the below link:

READ & RUN ME FIRST. Malware Removal Guide


and attach the requested logs when you finish these instructions.

**** If something does not run, write down the info to explain to us later but keep on going. ****
Do not assume that because one step does not work that they all will not. MGtools will frequently run even when all other tools will not.


After completing the READ & RUN ME and attaching your logs, make sure that you tell us what problems still remain ( if any still do )!
Helpful Notes:


If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:

Starting your computer in Safe mode

If you have problems downloading on the problem PC, download the tools and the manual updates for SUPERAntiSpyware and Malwarebytes ( links are given in the READ & RUN ME) onto another PC and then burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.
If you cannot seem to login to an infected user account, try using... Read more

1 more replies
Relevance 47.56%

Hello,
My son went to an untrusted site and the computer was infected with the conduit searchprotect.  I tried removing it with Eset Home Security.
 
However, my PC is still acting strange. I think the internet is a bit slower. As well, when I try to run some .exe files, such as Eset's ERARemover tool, windows gives me an error "this app can't run on your PC".  I have windows 8.1 64-bit and have tried both 32bit and 64bit programs.
 
I can't attach a DDS log because it's now win8.1 compatible.
 
thanks.

Answer:Conduit Search Protect and other malware?

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.
If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===
These tools are compatible with your operating system.

Download Malwarebytes' Anti-Malware from Here
Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).
Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
The scan may take some time to finish, so please be patient.
If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
The log is automatically saved by MBAM and can also be viewed by click... Read more

8 more replies
Relevance 47.56%

Topic title pretty much says it all. How can I prevent hijacking of my browser or even worse my entire computer? Last night I made a stupid move and attempted to download something off Pirate Bay, I read the comments and it looked legit. Since I didn't have a software that downloads the torrent I clicked on whichever one Pirate Bay offered me. The software was successfully installed and was downloading the program but it froze halfway and my Google Chrome completely stopped working. Later on I found out that Conduit is a malware that sometimes installs itself without the user's permission and takes over the browser. Now I'm paranoid about downloading anything. By the way I have a supposedly good anti-virus: Bitdefender, for which I paid good money! Very disappointed that it pretty much welcomed the bad malware with open hands and allowed it to install itself.

Answer:How to protect your computer from malware like CONDUIT??

attempted to download something off Pirate Bay : < Anything off these Torrents sites is 50 to 90% infected and not usually legal

WinPatrol Free is one of the better programs to warn you if there is going to be an attempt to change your Home Page.

This may help after you do a full scan with your Antivirus -
Please download AdwCleaner by Xplode onto your desktop.
*Close all open programs and internet browsers.
*Double click on adwcleaner.exe to run the tool.
*Click on Delete.
*Confirm each time with Ok.
*Your computer will be rebooted automatically. A text file will open after the restart.
*Please post the contents of that logfile with your next reply.
*You can find the logfile at C:\AdwCleaner[S1].txt as well.

Thank You -

1 more replies
Relevance 47.56%

Hello, I recently managed to acquire a virus that seems to have taken over my computer. There's a bar that appears right below the address bar for internet explorer telling me to download the latest antispyware to protect my computer. I cannot pull up my Task Manager, my computer prompts me that it has been disabled by my administrator. My desktop background has been changed to a message stating the computer has several fatal errors. and occasionally music will play at random that I've never heard before. Here is my log:

Answer:Protect.antivirus Malware Infection

Hi and welcome to Bleeping Computer! My name is Sam and I will be helping you.

Please download ComboFix and save it to your desktop.
Prior to running Combofix.exe you should disable your antivirus program and disconnect from the internet.
Double click combofix.exe and follow the prompts.
When it's done running it will produce a log for you. Please post that log in your next reply.

Important Note - Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

10 more replies
Relevance 47.56%

I just got my degree and have not been able to find work so I can only thank all the people at MajorGeeks.
I am 'Gunk Free' but was reading the chaslang's post "dated 10-10-04, 21:52, How to Protect yourself from malware! - MajorGeeks Support Forums"; and under the firewalls to use "Outpost Firewall Free" is listed when I went to download it, it is Dated: 2009-05-08 is it still a good firewall to use?
Thank you in advance for your help.

At a point in time I was 01 of them that understood some binary.
 

Answer:How to Protect yourself from malware! post question

Yes, it is still a good firewall. Just make sure you keep it updated as you would with all other protection software.
 

1 more replies
Relevance 47.56%

If I visit a malware site with latest version of Firefox with the NoScript extension without allowing any scripts, what's the chance of me getting infected if I don't download anything?
 
Also, I hope this is the right place to post this.

Answer:Will using NoScript protect you from a malware site if..?

COPIED FROM NoScript:
The NoScript Firefox extension provides extra protection for Firefox, Seamonkey and other mozilla-based browsers: this free, open source add-on allows JavaScript, Java, Flash and other plugins to be executed only by trusted web sites of your choice (e.g. your online bank).
NoScript also provides the most powerful anti-XSS and anti-Clickjacking protection ever available in a browser.
NoScript's unique whitelist based pre-emptive script blocking approach prevents exploitation of security vulnerabilities (known and even not known yet!) with no loss of functionality...
You can enable JavaScript, Java and plugin execution for sites you trust with a simple left-click on the NoScript status bar icon (look at the picture), or using the contextual menu, for easier operation in popup statusbar-less windows. Watch the "Block scripts in Firefox" video by cnet.
 
If I were using Windows and could only have one security program/ add-on....it would be NoScript. I use it in Ubuntu, too.
There is a learning curve. It is not just install and forget. Install it and go to a popular site and then view all the scripts you never knew
were active on that site and are now blocked from running. You can click to allow just the site's scripting and still block all the others.
The ones that you want to play videos on will be one that you will spend the most time learning which script to allow only the videos to play.

11 more replies
Relevance 47.56%

Microsoft said:

A view of the current landscape
Criminal attacks continue to evolve and malware has become their standard weapon against anyone who uses the Internet - on traditional form-factor devices, as well as on mobile devices like tablets and phones. Malware targets all operating systems and browsers, and in recent years, criminal attacks against applications have increased substantially.

Criminals also use social engineering to trick you into performing actions that put you at risk. An increasingly common social engineering strategy uses online advertising campaigns to lure you to a site that installs malware on your computer.

An economy has developed around building reliable vulnerability exploits, which criminals buy to help distribute their malware. Criminals make money from their malware, so they invest in ways to keep it alive such as producing a higher quantity of malware, updating it more frequently - e.g. multiple times each day - and increasing its size and complexity. Some malware is as complex as commercial applications.

Secure by design
We use the Security Development Lifecycle (SDL) to build Windows with the best security design, development and testing practices available. Some highlights include:
Threat modeling and security design reviews. During the design process we consider how criminals might seek to attack features and scenarios, and incorporate this analysis into our designs.
Writing secure code. Training and code quality tools help to pre... Read more

Answer: Windows 8 will better protect users from malware

Well, it's like malware writers would take time to discuss how they will bypass those features. It's like Windows 8 were built in security and could lead to few vulnerabilities probably.
 

6 more replies
Relevance 47.56%

Malware Protection is a rogue anti-virus application that runs a fake system scan and then concludes that your computer has a malware infection or serious security/privacy issues. To fix the malware infection you must pay a fee, about $50. The rogue program copies user interface elements from real programs and it looks like a legitimate application. Plenty of people shell out $50 to register this fraud and that's a big problem because if you're transacting with these guys online you're offering them your credit card details. Cyber criminals can later use that information to their benefit. You should protect yourself with common sense and legitimate anti-virus software because such fake anti-virus applications as Malware Protection now represent about 20% of all malware in circulation. If you made a mistake and purchased it, please contact your credit card company and dispute the charges. And if you still have this fake AV on your computer, please follow the removal instructions below to remove Malware Protection and related malware for free.

Manual Malware Protection removal instructions:

1. Right click on the "Malware Protection" icon, click Properties in the drop-down menu, then click the Shortcut tab.

The location of the malware is in the Target box.

NOTE: by default, Application Data folder is hidden. Malware files are hidden as well. To see hidden files and folders, please read Show Hidden Files and Folders in Windows.

Under the Hidden f... Read more

Answer: How to protect and clean your computer from malware

Is this a removal guide for this rogue or ?

 

1 more replies
Relevance 47.56%

QUESTION _Sticky:" How to Protect yourself from malware! "

In the below instructions, Is it necessary if I *NEVER* use IE, only Firefox?

Thanks!


"6) Adjust Active X security settings

* In Internet Explorer, click Tools, Internet Options, Security. Click on the Internet globe. Then select Default Level, then click OK. Now select Custom Level and scroll down to the ActiveX controls and plug-ins section (some may already be set correctly):
o Set Download signed Active X controls to Prompt
o Set Download unsigned Active X controls to Disable
o Set Initialize and Script ActiveX controls not marked as safe to Disable
o Set Installation of desktop items to Prompt
o Set Launching programs and files in an IFRAME to Prompt
o Set Navigate sub-frames across different domains to Prompt
o Set Allow paste operations via script to Disable (see: http://support.microsoft.com/kb/224993 )
o Click OK and OK again. "
 

Answer: QUESTION _Sticky: How to Protect yourself from malware!

Re: QUESTION _Sticky:" How to Protect yourself from malware! "



jilter said:

In the below instructions, Is it necessary if I *NEVER* use IE, only Firefox?

Yes! Some applications will automatically launch IE sessions since that may be all they can use. Also you need to use IE to be able to get all of your Windows Updates. And some websites (just like some applications) do require IE.
 

1 more replies
Relevance 47.15%

How does comodo firewall protect against signed malware at cruelsister's settings? Also i can disable its processes via task manager. How is its self protection?
I am going to use it on my system with cruelsister's settings but these issues are my main concern which do not let me believe in comodo's power.
So, help me out and give the required info.
Thanks.
 

More replies
Relevance 47.15%

Hi everyone,
I want to tell my story about protection of ESS on my computer. Today, when my friend plugged his USB into my computer, I noticed that his USB shows only 1 USB shortcut in explorer. Before, my previous machine was infected by this malware type (malware creates USB shortcut) so I have experience with it. And when he plugged his USB in, I ran ESS Smart Scan but it found nothing. This afternoon, when I plugged my USB in my machine, I saw that all things in my USB turned into 1 USB shortcut, I ran Smart Scan again with my USB and found nothing, too (I also ran a scan by Zemana AntiMalware, and it found nothing, too). After that, I installed MCShield AntiMalware Tool, and scanned my USB with it. Magically, it found .lnk malware in my USB and cleaned it successfully! This is screenshot about log of MCShield:

And now, I'm very disappointed with my ESET. It makes me get infected easily! What do you think about my problem, please share with me.
 

Answer: ESET Smart Security can't protect me from .lnk malware

ESET protects against malware coming from USB devices.
Probably did not recognize the malware that caused the problem.
You have done well to use McShield.
 

71 more replies
Relevance 47.15%

To start let me thank you for putting all these great programs in one easy to download area! Just following this guide has cleaned out several items from my supposedly secure system.

I did find one broken link however and got lost going through the giant comodo forum trying to find another thread with a similar ease of use allure.

This one: Configuring CIS for Maximum Security with ZERO Alerts for Novices

If you could give me an updated link it would be much appreciated.
 

Answer: Broken link in: Sticky How to Protect yourself from malware!

Thank you for bringing it to our attention. We will see what can be done to fix that issue.
 

2 more replies
Relevance 47.15%

I would really appreciate some assistance with "Internet security designed to protect" malware and/or virus. I have attempted to remove this with no luck. I did install and run Malware Bytes. Initially it listed several viruses which I removed. However, I still have a problem. Anytime I try to run/download anything it is blocked by this annoying virus. What can I do? Any and all help would be greatly appreciated.

Answer: Internet Security Designed to Protect Malware Help Please

Hello, I moved you from WIN7 to the Am I Infected forum for now.
Please try following this GUIDE.

1 more replies
Relevance 47.15%

I finally found a fix to the malware that the Virus Protect Pro created and it cleaned out everything. The free software (to use and clean) is called Super AntiSpyware (that's quite some name) and you can download the free home version at http://www.superantispyware.com/superantispywarefreevspro.html
I'm going over there now to donate some money as it was my stupidity that had me lose about 6 hours trying to fix what I did. It's always nice to find a hero.

With blessings for a great day.
K
 

More replies
Relevance 47.15%

Hello. My kid's PC -- an HP (Model M7567C, with 2, 260 GB hard disks and 2 GB RAM) is infected by "Spyware Protect 2009" malware. The malware repeatedly displays at least 3 different pop-ups saying there's a spyware infection and offers to sell a fix; the program also prevents Explorer from working properly. There are no obvious programs/processes to shut down from the control panel. The machine has Zone Alarm Security Suite installed - I'm not sure if my kids ignored a warning or if the software mistakenly let something in. Zone Alarm technical support said to try running Malwarebytes' Anti-Malware automated removal tool, but the program doesn't seem to run (nothing happens after the program is downloaded and launched). I tried running Zone Alarm virus and spyware scans, but the program runs slowly and eventually hangs (I think I ran the Zone Alarm scan in the Windows Safe mode). I can boot the PC in Windows Safe mode, but unfortunately there is no useful restore point. I can boot the PC in the normal Windows mode but it takes 2 or 3 cold starts. I can use Microsoft Explorer (through a wireless LAN connection), but in the normal Windows mode Spyware keeps hi-jacking Explorer and displaying its rogue messages.

Before I give up and reformat the hard disk and re-image the disk from the backup system disks, I would like to try a less time consuming solution. Any suggestions are welcome! Thanks!

I ran the DSS scan as instructed. Here are the res... Read more

Answer: "Spyware Protect 2009" malware problem

I wanted to add some new information to my original posting that seems to be related to my problem.

When my spyware infected PC boots, I get the following messages:

"The application or DLL c:\windows\system32\digeste.dll is not a valid windows image."

"View Manager has encountered a problem and needs to close."

"Error loading c:\windows\griwapaxim.dll. The specified module could not be found."

I noticed that there was a Windows update available today (the February update of Microsoft's anti-spyware program). I installed this application; after this, Zone Alarm Suite was then able to run (up to now, it just hung up), and 2 items were quarantined: WIN32.SYSGUARD and WIN32.TROJAN.FAKEALERT.IEH

However, there are still problems with my PC. I still can't get Malwarebytes' program to run, even when I rename the *.exe file to *.bat. It seems like whatever is still infecting my PC interferes with any anti-spyware/malware program from running properly and interferes with the operation of Explorer.

Thanks.

4 more replies
Relevance 47.15%

> I am using sify ISP with limited data transfer package.
>My ISP is showing that i have downloaded 1200 MB which is not true.
>I didn't turn on the PC on the date prescribed by ISP but it showing i have downloaded 1200 MB and has cut down 20 valid days
>I think some one has hacked my system.
So i am requesting you to tell the best way to protect my system from malware and internet
Thanks in advance.

Answer: Best way and best software to protect my system from malware and Internet?

Before anyone tells you that, it may be that someone connected to your internet connection, via wireless? How are you connected to the internet? Because if your computer was off on those dates, even if a hacker got into the system the computer needs a physical connection to the internet, while the computer is off, there is no way of obtaining an internet connection.

3 more replies
Relevance 47.15%

Hi Folks, Yes I've got the privacy protection Malware, currently running windows XP on a dell laptop and I cannot start up in the safe mode, no Internet start up or execution of any programs allowed. Looks like I can strip documents & information off but that's about it. Can anyone share my options to cure this problem?

Thanks in advance - L

Answer: OK I've got the Privacy protect malware & no safe mode

Hello LarsLind,
I moved this to Am I Infected.

For the connection try these...

Please click Start > Run, type inetcpl.cpl in the runbox and press enter.
Click the Connections tab and click the LAN settings option.
Verify if "Use a proxy..." is checked, if so, UNcheck it and click OK/OK to exit.
Now check if the internet is working again.

OR

Go to Start ... Run and type in cmd
A dos Window will appear.
Type in the dos window: netsh winsock reset
Click on the enter key.
Reboot your system to complete the process.

Please follow our Removal Guide here Remove Privacy Protection (Uninstall Guide).
After reading how the malware is misleading you ...
You will move to the Automated Removal Instructions

After you completed that, post your scan log here, let me know how things are.

The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

Also the other tool log..
A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
Copy and paste the contents of that file in your next reply.

1 more replies
Relevance 47.15%

My computer is infected with a malware program called "Spyware Protect 2009" how do I get rid of it? I followed instructions and have copied DDS and Attach files below. Popup windows keep appearing saying my computer is infected with a virus and I need to install their software.
... Read more

Answer: remove malware, Spyware Protect 2009

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.

Upon completing the steps below a staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:

Download DDS by sUBs from one of the following links. Save it to your desktop.
DDS.scr
DDS.pif
Double click on the DDS icon, allow it to run.
A small box will open, with an explanation about the tool. No input is needed, the scan is running.
Notepad will open with the results, click no to the Optional_Scan
Follow the instructions that pop up for posting the results.
Close the program window, and delete the program from your desktop.

Please note: You may have to disable any scri... Read more

2 more replies
Relevance 47.15%

> I am using sify ISP with limited data transfer package.
>My ISP is showing that i have downloaded 1200 MB which is not true.
>I didn't turn on the PC on the date prescribed by ISP but it showing i have downloaded 1200 MB and has cut down 20 valid days
>I think some one has hacked my system.
So i am requesting you to tell the best way to protect my system from malware and internet
Thanks in advance.
 

Answer: Best way and best software to protect my system from malware and Internet?

Security is a wide topic. If you browse around on this forum, you will find recommendations on Anti Virus and Anti Spyware and Firewalls.
If you have Windows XP Professional, MS published an XP Security Guide v2 and tells you how to harden XP Pro. It is available here:

http://www.microsoft.com/technet/security/prodtech/windowsxp/secwinxp/default.mspx#ETE

If you have Vista, there is a Vista version of the Security Guide:

http://www.microsoft.com/downloads/...ed-7f35-4e72-bfb5-b84a526c1565&displaylang=en

Hardening an OS gives the attacker a smaller attack surface by disabling unnecessary features. XP after a fresh install is quite bloated and has a lot of places for an attacker to poke at.

Also you should consider running it daily using a limited user account, as that prevents some malware from working and prevents malware from making system wide changes. In the Unix world, nobody runs a machine daily using the admin account. MS acknowledges that and has made UAC for Vista to achieve the same end.

Here's more details about that:
http://www.mechbgon.com/build/security2.html

Also along the lines of protection and prevention, use McAfee's Site Advisor, available here:

http://www.siteadvisor.com/

It places a site rating beside every Google result and tells you about malware infested sites before you go clicking on them and instantly infecting your machine.
 

3 more replies
Relevance 46.74%

Hi, i'm having a problem with my web browser since using the malwarebytes anti-malware scan. Before I ran the scan and removed the infections it found, I was able to open webpages and go to sites although when i would try to search it would redirect the page. After I ran the scan and deleted the infections, I tried to open a webpage and it said it couldn't display it although I was connected to the internet. One of the things the scan found said "adware.mywebsearch" I would assume that was the reason it was redirecting the page. As of right now, I have done a system restore to a point before i removed the infections so i could display a webpage to get help. If someone can please help me, I would be very grateful.

... Read more

Answer: malware agents/koobface,spyware protect removal

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:

Download DDS by sUBs from one of the following links. Save it to your desktop.
DDS.com
DDS.scr
DDS.pif
Double click on the DDS icon, allow it to run.
A small box will open, with an explanation about the tool. No input is needed, the scan is running.
Notepad will open with the resul... Read more

2 more replies
Relevance 46.74%

Hey guys, I am sure you can relate to my current woes here. I have a family member who is just always getting malware on their computer. Getting tired of cleaning it up so frequently and I wanted to ask you guys what you do. Personally I install Chrome and MSE, and set MSE to a Full Scan once a week with real time monitoring. I also preach safe web surfing, but honestly, it's like telling a Crack Head that crack kills.

So what do you guys do to try to ease the pain of fixing a family members computer?
 

Answer: How do you Setup your family members computer to protect from malware?

They now have Macs
 

46 more replies
Relevance 46.74%

I have recently been infected with a fileless malware. I have run a scan with ksc and it reported some memory detection. So, i ran a scan with fully updated avast free and emsisoft eek but they didn't find anything. Finally, i had to scan with zemana and only after it detected and removed a fileless malware, ksc was able to give my system a clean sheet. Are kaspersky and zemana the only ones to protect against such attacks? I need a free tool to protect my system against such attacks. The detection by zemana was "trojan poweliks: fileless malware". I don't need any whitelisting software and i also sincerely think that even they cannot counter such attacks.
 

Answer: Do you know any free software to protect against fileless malware attacks?

avast and bitdefender free are both good
 

23 more replies
Relevance 46.74%

I've been using AVG, and have bought the full version, yet was confused with what I had to do.  Can anyone tell me which product is user friendly, yet a good system choice.  Thanks,
Would be appreciated. 
 

Answer: What is a good product to buy to protect and remove virus, malware etc...

My personal choice is ESET NOD32 Anti-Virus if choosing a paid for program as it leaves a small footprint...meaning it is not intrusive and does not utilize a lot of system resources. Kaspersky Anti-Virus is also a good choice if looking for a paid for program. If you don't want to pay then I recommend avast! Free Antivirus.

For more specific information to consider, please read:
Choosing an Anti-Virus Program
SANS Institute Choosing Your Anti-virus Software

Important Fact: It has been proven time and again that the user is a more substantial factor in security than the architecture of the operating system or installed protection software. Therefore, security begins with personal responsibility and following Best Practices for Safe Computing.

6 more replies
Relevance 46.74%

Hi

I was just wanting to know the reason why Spybot S&D was removed from the "How to Protect yourself from malware!" sticky.

I am using version 1.6.2 since I found the newer v2 to be quite bloated and annoying. Should I still be using 1.6.2 since it still downloads the latest malware signatures? Or is there an important reason why it was removed as a recommended antispyware tool?

Cheers
Sam
 

Answer: Reason for Spybot S&D removal from How to Protect yourself from malware thread?

Just not that useful anymore and as you noted V2 is too bloated. We also never liked Teatimer.

You can still use the old version and make use of the bad download blocker and hosts file protection if you wish but I would not use Teatimer. Modern antivirus programs already include antispyware too.
 

1 more replies
Relevance 46.33%

Hi Guys,
Can I begin by saying a MASSIVE thank you to you all-I'd be totally lost without your help
Ok, down to business-I've done as the guide suggests, performed the XP clean up, ran the programs and I've got all the logs which are hopefully attached. The problems started almost a week ago when the dreaded "spyware protect 2009" screen started popping up and the icon lodged itself in my system tray and I got suspicious when there was no option to get rid of it-it's disabled my windows firewall, is blocking/redirecting my IE browser with its phony msgs etc. If you need any more info or if I've somehow left something out/attached the wrong logs just let me know-it's purely out of ignorance and not laziness if that's the case!!!:-o

Thanks again- Cheree :wave
 

Answer: vundo/spyware protect 2009 malware-logs attached

here's the last log
 

6 more replies
Relevance 45.51%

Hello, Please help!!! I only have a couple of days to fix this comp before I leave!!! I am receiving security popups, Spyware Protect 2009 (I did not download) is in my task bar and keeps popping up with infiltration alerts, and IE keeps redirecting to http://browser-security.microsoft.com/blocked.php?r=21.0 displaying "Internet Explorer Warning - visiting this web site may harm your computer!" Then offering to link me to Purchase Spyware Protect 2009. Here is my DDS Log file and attachment. Thanks!!! peace.b. ... Read more

Answer: Unknown Malware/Rootkit security popups - Protect Spyware 2009

thank you! topic is resolved through off-post email reply.

Malware-bytes removal is the best!

peace.b.

2 more replies
Relevance 45.51%

My apology if this is in the wrong section or repeated topic.

I have Vista. I would like to know what kind of anti-virus/malware applications that are good in protecting Vista OS. I'm currently using Spyspot. I've heard of Malwarebyte anti malware and Superanti spyware. Are those appropriate and good for Vista? If not, what other program that I should be using to protect my computer?

Thanks in advance!

Answer: Program to protect Vista OS

Hello I will move this from Vista to the AntiVirus, Firewall and Privacy Products and Protection Methods forum.. SpyBot is not an AntiVirus. I do like the SAS and MBAM tools you have. I like AVira as an A/V and I use all 3 on Vista.

6 more replies
Relevance 45.1%

Hi guys, for the life of me, i can't find it on google anywhere, just keeps coming up with xp password protect zip folder options, but not vista. Anyone know how to do this? Cheers

Answer: password protect zip folders in vista

Use FlashCrypt click here

5 more replies
Relevance 45.1%

I don't understand why Vista won't allow the SIMPLE password protecting of a single folder, so I need some good 3rd party software that will allow me to password protect a folder.

I do NOT want to encrypt or compress the folder, just ask me for a damn password when I click on it!

Answer: password protect a folder in vista

Here are two free options that will hide and password protect folders. While both are free, in one the free version limits the number of folders that can be protected without upgrading to the paid version. I'm also not sure if you can avoid the hidden feature and just use the password feature, but you'll find out if you try them. If you set your system to show hidden files, that shouldn't be a problem in any event.

My Lockbox - Files and Folders Password Protection - Hide Folder Lock Folder Password Protect Folder - FSPro Labs

System Vault | Computer Realm

There are many other options if you search for "Password protect folders" but most are commercial though not too expensive. See if either of the above free options work for you first before spending money.

I hope this helps.

Good luck!

4 more replies
Relevance 45.1%

I have Windows Vista. There are two administrator rights on the system, one of them is me. I want that the second administrator should not be able to see my data. What do I have to do for it? Please help me.

Answer: How to protect Data in windows Vista

Either password-protect all your data/files or make the other person a Limited user (or whatever it's called in Vista).

10 more replies
Relevance 45.1%

Hey, is there any way to password protect a file on vista?

Basically to access the file, I want a menu to pop up and prompt the input of a password.
 

Answer: Password protect files on Vista?

You cannot password protect files or folders.
 

5 more replies
Relevance 45.1%

My daughter called and said a neighbor girl is getting on her computer while she is gone to work, and getting on bad websites, etc.

What is the simplest way for my daughter to deny the girl access to her computer. What are the steps in password protecting computer under Vista?
 

Answer: Solved: How to Password Protect Vista

Click Start > Control Panel
Click User Accounts and Family
Click User Accounts
Click Change your password

Enter the desired password and supply a password hint.
Click OK.

Click Manage another account
Supply an administrator password if requested

Select the next account and follow the similar steps as above.

If some accounts already had passwords, consider changing them to provide more security.
 

2 more replies
Relevance 45.1%

I have Windows Vista. There are two administrator rights on the system, one of them is me. I want that the second administrator should not be able to see my data. What do I have to do for it? Please help me.

Answer: How to protect Data in windows Vista

Double post click here

1 more replies
Relevance 44.69%

Hi once i have read some of your archive threads last 6-27-08 i began to follow all of the steps from cleaning, defrag and Removal. I found out my PC had been infected with Trojan.Vundo (it was detected by malware)... I think it started when i downloaded last 6-26-08 a file at Bitlord. The first virus that was detected was a backdoor.trojan the Norton Anti-virus detect it and remove it. So i thought it was ok when i noticed my PC is slowing I already think that there are still problems with my PC. So i run again the Anti-virus and when it reaches 24% (estimated) my PC reboot and my keyboard got stalled and in my monitor it is BAD BIOS. but when i manually reboot it, it just jump to windows and didn't do the normal process when booting... and everytime I scan my PC with my AV it always reboot so i try to search the net and find you guys... a bit STRICT but helps us more to know and learn how to fix things with our PC

1. From cleaning guide my pc was running better than it was before...
2. From the Malware Removal Guide i don't know if i got the right procedure but got some problems...
a. SAS - it doesn't go blue screen, but my problem here is when it attempts to scan my files it becomes stalled. the first time i ran it i left it for almost 6 hours... (thinking it would still work) so reading from the procedure if it doesn't work proceed to the next
b. Spybot - I don't have problem here works really great
c. MAM - no problem he... Read more

Answer: Trojan.Vundo,Malware.Trace and Problems on boot and Norton Anti-virus Protect

here are the second logs of HJT and Combofix.

BTW, when I right-click all my folders and files and choose Properties it seems that it has a Security tab, and when I click the Security tab there are so many users and administrators in it. Are my files being publicly displayed, or does this HighJacka** I mean Hacker get and manage my files...

Thanks...
 

16 more replies
Relevance 44.28%

If I connect to the Internet, I feel somebody is using my information. Windows Vista is on my computer. How to protect from hackers? Thanks.

Answer:Window vista how to protect from online hackers

Stopping your PC from being hacked into is a function of the Firewall software installed on it. Although Windows Vista has its own Firewall, it only monitors data coming in, not going out, which leaves a PC only half-protected if a trojan should find its way in and it starts sending data out. Moreover, the Windows Firewall is "silent", meaning it gives you no feedback when something is blocked in real-time.

So a two-way, third-party Firewall will give you much better protection. All third-party Firewalls are two-way, so you only need to decide how much you want to pay for it, and which one you like best.

I use Norton Internet Security which is a Firewall & Antivirus combined. It's easy to configure and use, and doesn't bombard you with endless alerts, plus I believe its protection is second to none: http://now-static.norton.com/now/en...

If you already have antivirus software & only need a Firewall, Norton do not have a "Firewall only" product anymore. There are some free ones listed below:

Comodo Firewall: http://personalfirewall.comodo.com/
ZoneAlarm: http://www.zonealarm.com/security/e...

4 more replies
Relevance 44.28%

Hey folks,

I have some files stored in one of my folders that I don't want any of my brothers or anyone else messing with and I was wondering if it is possible to put a password protection on a folder so that when someone tries to open up the folder it won't let them view the contents without typing in a password first.

If this is possible, how do I do it please?

BTW I am using Vista Ultimate x64.

Thanks in advance, folks!
 

Answer:Solved: Can You Password Protect A Folder In x64 Vista?

If you store the Documents in your User folder they shouldn't be able to access it, unless you are letting them logon as your user. You can also encrypt the folder contents natively with Vista.
http://lifehacker.com/software/vista/windows-vista-tip--encrypt-files-231815.php

There is also third party software like TrueCrypt and Axcrypt that can do this as well.
 

2 more replies
Relevance 44.28%

Any free or cheap recommendations for password protecting certain folders in Vista Home Premium? I am just using one account but I want some folders password protected.

Answer:recommendations for password protect folders, Vista

I've used this before and it's not bad: AxCrypt, click here

2 more replies
Relevance 43.87%


What are some ways I can password protect or user protect files and directories?

Do I need to set up a domain to do so? Can I get some recommendations please?

I am guessing that this could get crazy intense, so I hope someone will have some patience with me. I am interested in methods for both XP and Vista.

Thanks in advance for the ideas/suggestions/explanations, etc...
 

Answer:XP/Vista - How to password protect shared files/directories?

As far as I know, with XP, password protecting shared files is basically not possible. I can't tell you how many countless hours I spent on Google and on other forums trying to find how to password protect XP shares, and unless I managed to completely overlook it, I didn't find anything. With Vista, however, it is possible.

You're talking about just regular file/folder sharing correct? If so I'll assume you already have the files shared that you need.

All you have to do is go to Control Panel > Network and Internet > Network and Sharing Center, and under the Sharing and Discovery heading simply turn on password protected sharing. This will make it so every time you connect to this computer, you will be asked for your username and password.

Hope this helps!
 

13 more replies
Relevance 43.46%

Hello

I have Vista Home and XP MCE. Printer is connected to the Vista box.

I got them to connect without issue but the XP machine needs to type in the Vista username and password when it connects, including when using the printer. I want to disable that security feature.

In the Vista Network and Sharing Center I have all the settings set to share AND the password protected sharing to OFF. This appears to be correct, but Vista still asks for password when the XP connects for the first time (maybe first time from each reboot, not sure)

I am at a loss. Ideas how to disable this password protect?

thank you
Jim

More replies
Relevance 42.64%

Hi

What's the best password protect software for folders?

Also if the password was forgotten or lost, would there be any way to access the file?

Thanks.

More replies
Relevance 41.82%

The volunteer helping me on the "Am I infected" forum recommended I move my problem over here to this part of the site. I'm not sure if I'm at the point where I should reformat my computer, hope someone can help.

Here's my original problems and the logs and help I've received so far: http://www.bleepingcomputer.com/forums/t/208885/ms-antivirus-2009-which-turned-into-another-one-and-now-its-that-nfrdll-error-and-malarebytes-and-superantispy-got-their-butts-kicked/

I assume that you'll probably get a better explanation from my problems there, but here's the quick and dirty:

Dell Laptop, currently disconnected from the Internet. (It was unable to access the bleeping computer forum anyway--just this site specifically, sites like Google, blogs, those kinds of things worked fine.)

The problems started with the MS Antivirus 2009 fake spyware stuff, then the browser hijacks (I shut off proxy servers before coming to the forums), and then I got the Spyware Protect 2009 version of malware, and was only able to get Malwarebytes to run by changing the extension to .bat after reading it here. Since I started working on these forums with DaChew, I've only followed his instructions.

Currently working off my wife's computer, a Mac. Using a USB flash drive that DaChew had me immunize so that I can download the programs on this Mac and transfer them over to the infected Dell. Then I copy the logs onto the flash and move them here.

Here's my DDS file, I've changed my name on it to USER.DDS (Ver... Read more

Answer:Serious Malware Infection, started with MS Antivirus 2009, Spyware Protect 2009, nfr.dll

Hello Thefactualopinion and welcome to Bleeping Computer,

1. Please download GooredFix and save it to your Desktop.
Select "2. Fix Goored" by typing 2 and pressing Enter.
Make sure all instances of Firefox are closed at this point.
Type y at the prompt and press Enter again.
A log will open, please post the contents of that log in your next reply (it can also be found on your desktop, called GooredLog.txt).
Note: If you receive a message saying that GooredFix needs your system to be restarted, please close all applications and reboot your system. Please also allow any registry changes that may be prompted by any of your security programs.

2. Please read this tutorial carefully to download ComboFix from one of the locations specified, and save it to your Desktop.
Double click the ComboFix icon to run it.
If ComboFix asks you to install the Recovery Console, please do so.
The Windows Recovery Console will allow you to boot up into a special recovery mode, in case your computer has a problem after an attempted removal of malware. This allows us to help you.
Once the Recovery Console is installed, continue with the malware scan.
Note: Make sure not to click ComboFix's window while it's running. That may cause it to stall or freeze.
Please post the log from ComboFix (can also be found as C:\ComboFix.txt) in your next reply.

If you have any questions along the way, STOP and ask them before proceeding !!

Greetings,
Thunder

6 more replies
Relevance 40.59%

The How to Protect yourself from malware! Guide is good, very useful information, but it lacks information on other tools that have actually been found more effective at stopping malware than just using realtime antivirus/antispyware engines, and that can stop unknown malware, like Host-based Intrusion Prevention (HIPS), the D+ in Comodo, or SpyShelter, etc., or virtualization software, which also is not covered, that can isolate a threat so it doesn't even affect your original OS files, like Sandboxie which isolates browsers and other files, or the sandbox in Comodo that isolates unknown files, or Bufferzone Pro Free, Returnil or Wondershare TimeFreeze which isolates everything in a virtual OS, etc.

Also I don't remember there being an option to install the ASK toolbar in any current Comodo setup; they removed it in 2009.

Comodo has changed a lot and none of the important Comodo IS features are covered?

Sorry if I sound like a bug, but computer security is advancing and there are better and more effective ways to protect yourself than just using a realtime antivirus engine. And by the looks of it the tutorial needs more updating anyways.

A Combo I like to use is
Comodo Internet Security, in Proactive mode with sandbox, antivirus, Defense +, and Firewall Enabled.

MalwareBytes Pro Antimalware in Realtime.

SpyBot SD Resident, Immunized.

SandBoxie for browsing the unknown etc.

PeerBlock to block malicious servers/ip's.

ThreatFire, Helps protect against known and unk... Read more

Answer:The "How to Protect yourself from malware!" Guide.

Welcome to Major Geeks!

Thanks for your comments.

There are quite a few tools that we don't list. That does not make them bad nor does it mean they are good. Comodo is listed in the How to protect thread in the antivirus and also in the firewall area. We do not go into some of the other areas of protection in detail for a couple reasons. One, the thread is meant to be as useful to ALL people with all computers ( old and new ) as possible. The newer forms of protection can be problematic for older/slower PCs with smaller amounts of memory. The second reason is that experience has shown that if all of the instructions in that thread are properly followed, you don't need sandboxes or HIPS anyway and you will not suffer from the effects that they have on PCs. Many many people have complained to us about how slow their PCs were after using tools like Threatfire and sandbox type software. In addition, use of these tools caused many PC novices to intermediate users all kinds of other grief and loss of information and loss of settings that they did not realize they were losing due to the sandbox effects.

Also we have had many, many, many cases where people have had all this kind of protection you mention installed, and still have gotten severely infected. And all this protection just made it harder to manually clean the PC. It did not stop the infections. The educated end user ( which is what that sticky is pushing ) is the most important piece of protecti... Read more

1 more replies
Relevance 40.59%

There is a very helpful sticky on this forum called "How to Protect yourself from malware!" authored by Chaslang. See http://forums.majorgeeks.com/showthread.php?t=44525 It appears that it has not been updated since 2004.

I have a clean (I like to think) fairly new Windows 7 computer, and I want to keep it clean. Are there any new suggestions that supersede what is in Chaslang's old thread?
 

Answer:Updates to "How to Protect yourself from malware?"

Happy_Macomb said:

It appears that it has not been updated since 2004.

Very untrue. You are looking at the creation date, not the update date. See the end of the post where you will see:

Last edited by chaslang; 01-30-12 at 19:08.. Reason: Remove outdated tools
 

3 more replies
Relevance 38.54%

I just ran the Remove Vista Internet Security 2012 (Uninstall Guide) tutorial and it seems to have taken care of the malware in safe mode. But now an issue is happening when I get to the end of the tutorial after rebooting from Malwarebytes and booting back to the normal boot mode. And the system seems to give the following error then lock up, not allowing other programs to run. A dialog box titled MalwareBytes, with the following message: "[Open Event] failed to perform desired action. Error Code : 2"

A search on the error points to basically reinstalling Malwarebytes, but that does not solve it; even just removing Malwarebytes altogether doesn't solve it. After normal startup, then the error, the system gets locked up.

Is there something else going on here that needs to be looked at? I was trying to find registry entries tied to Malwarebytes or Run Once that might be causing it to run and error, but no luck yet. HiJackThis does not show any weird programs in the Run keys either.

Any further ideas?

Answer:Vista System Locks Up After Malware Reboot - Remove Vista Internet Security 2012 (Uninstall Guide)

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/432088 <<< CLICK THIS LINK

If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

2 more replies
Relevance 38.54%

Yesterday while reading, a pop-up of Vista Internet Security popped up. It looked fake so I know I picked up something. I'm using a public network, if that makes a difference, since these are places I never had a problem with before.

When I did the Gmer.exe I tried to follow the instructions but when to scan the section was already checked and the rest were grayed out.

Checked sections: Services/Registry/Files/C:/ADS

So I've added what it did with the attach.txt file. At the moment I don't have a boot disk but I am still able to use this laptop with the infection. I'm either saying no to "fix the problem" or closing the pop ups when they occur.

Here's my stuff:



Answer:Vista Internet Security 2010 malware x64 Vista

I fell asleep and left the wireless on, I think, but the Windows update decided to update and restart my computer; now I have lost my task manager, saying it is not there. I also no longer see the fake Vista logo on my start up and the popups are gone. Since I didn't get help yet I decided to let my McAfee do its weekly scan.

Now something has happened and I don't know what it is. I knew as long as I kept the computer on, the malware couldn't do anything, but I am asking really for help since it's Friday and I don't have a backup plan if I need to wait three more days into the weekend.

2 more replies
Relevance 34.44%

Sophos PLC has flagged three viruses typically spread through e-mail that can infect Vista customers who use a third-party Web e-mail client. While Vista's e-mail client stops Stratio-Zip, Netsky-D and MyDoom-O, the malware slips past Vista's defenses when users receive infected messages through a Web-based e-mail service...

computerworld.com: Three of the top ten malware threats run on Microsoft Vista, Sophos tests show

Answer:Hello, Vista, Have Some Malware

After reading the above I have this "vision" of office parties, celebrations taking place in all the security companies offices.

2 more replies
Relevance 34.44%
Question: malware with vista

OK, so I'm having troubles with my desktop now too!

Last night I had my browsers close and had a notification from Vista Internet Security 2010 centre. It prompts me to buy this antivirus software (59.99/year etc) so that I can remove a bunch of trojans, worms and trackers. It has found 29 critical items. I'm running Ad-Aware and am now doing a full computer scan using AVG.

AVG has found tracking cookies and is still scanning. I can't open Firefox because it says av.exe is missing. trojan- BNK.Win32.Keylogger.gen is also infecting Firefox.

I'm just not sure about this Vista Internet Security 2010 thing it is telling me to download. Is it legit?

How do I get my computer back to normal??
 

Answer:malware with vista

Please click on the Report button and kindly ask to be moved to the Malware Removal & HijackThis Logs forum. From there, be patient. You should get an answer within the next 48 hours. These guys are really busy!
 

3 more replies
Relevance 34.44%
Question: Vista malware

Hello, I've been fighting this malware for a while. I've run Malwarebytes and TDSSKiller and I keep getting the same results, that nothing has been found. I know there is something still here because it will not allow me to open certain programs like Stopzilla, or remove any programs. I downloaded Stopzilla because on the antimalware programs I have, it seems like the Vista malware has attached itself to the programs, because they all have the Vista shield logo on top of them. Stopzilla doesn't run; there is an error that pops up every time I try to run it. So I downloaded this Microsoft antimalware program and every time I run it, it comes up with the same four infections that it seems it cannot get rid of. It had something to do with Java.

I need help please. I want to make sure that it's not just me and there's a virus of some sort on my PC, because I have never seen those shields before on any of my programs.

Thank you

Answer:Vista malware

Let's try doing an online scan to see if it finds anything else that the other scans may have missed.

Please perform a scan with Eset Online Anti-virus Scanner.
If using Mozilla Firefox, you will be prompted to download and use the ESET Smart Installer. Just double-click on esetsmartinstaller_enu.exe to install.
Vista/Windows 7 users need to run Internet Explorer/Firefox as Administrator. To do this, right-click on the IE icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run As Administrator from the context menu.
Click the green button.
Read the End User License Agreement and check the box: Check .
Click the button.
Accept any security warnings from your browser and allow the download/installation of any required files.
Under scan settings, check and make sure that the option Remove found threats is NOT checked.
Click Advanced settings and select the following:
Scan potentially unwanted applications
Scan for potentially unsafe applications
Enable Anti-Stealth technology
Click the Start button.
ESET will install itself, download virus signature database updates, and begin scanning your computer.
The scan will take a while so be patient and do NOT use the computer while the scan is running. Keep all other programs and windows closed.
When the scan completes, push Push , and save the file to your desktop as ESETScan.txt.
Push the button, then Finish.
Copy and paste the contents of ESETScan.txt in your next reply.
If no threats are found, there is no option to create a... Read more

2 more replies
Relevance 34.44%
Question: Vista, Malware

Today I downloaded this fake recovery trojan virus or whatever it is. It started doing a scan and informing me that my computer is critical, has no RAM left and so on. My icons on my desktop were all gone, plus my desktop went black and all my photos are gone. This is what I did to correct the problem: I downloaded Malwarebytes and did a scan; this then removed the fake system restore and stopped all the popups that were driving me insane. I then restarted my PC and my system seemed to be OK but still had a jet black screen with only one icon still left on it, so I did a system restore and took it back a week, restarted the PC and everything has come back: icons, screen saver, picture, what I had before. The only thing that I cannot seem to recover is my photos; they seem to be lost for good (or are they). I have looked everywhere but cannot find them... so if someone can help me with recovering the photos then it would be appreciated.

More replies
Relevance 34.03%
Question: vista anti malware

My laptop is telling me I must purchase new Vista anti malware, 59$. It is saying a keylogger has taken over my laptop. I am not able to run any virus scans using my existing software, which is Spybot, anti malware bytes & AVG. Everything was perfect until this message came up; now I cannot do anything. Please help...

Answer:vista anti malware

Removal instructions here

3 more replies
Relevance 34.03%

What's a good free anti-malware for 64-bit Vista? I used to have 32-bit and would use Malwarebytes, but that's not compatible with 64-bit. :-(

Answer:Anti-malware 64-bit vista

I know that Mbam is working on one and it should be released soon.
Same with SAS:
SUPERAntiSpyware will work in 32-bit mode under 64-bit versions of Windows. We will have native 64-bit drivers later this year.
I'm moving this to a better forum for your question.

3 more replies
Relevance 34.03%

Hi
 
First post, so hello to other technical problem sufferers, technical helpers and system optimisers.
 
About a month ago I started having trouble on a 32 bit Vista home premium desktop.
 
Programs will not load, tried to install AVG free but gets stuck, windows update and defender get stuck, similarly adobe updates, machine has trouble shutting down.
 
Browser, (Mozilla) is running fine.
 
I have run Malwarebytes anti-malware but it did not discover anything, however, I just tried to run it again and it will not run??
 
The machine was a hand me down from my father in law so not sure about its history but until a month ago it was running fine except for a very occasional blue screen, (last one at least a month before the current set of problems).
 
The last program I downloaded when the machine was working was dropbox.
 
Any help appreciated.
 
Thanks

Answer:Possible malware on Vista Computer

Hello and welcome, sorry for the delay.

Some infections will also hijack the executable associations by adding an extension to the registry files. Let's try to reset them.

Download FixExec.exe to your desktop.
Double click on the downloaded file to run the fix.
When the program has finished, it will generate a log on the desktop called FixExec.txt.
Post the log in your next reply.
NOTE: If for any reason you're not able to execute FixExec.exe rename it to FixExec.com, FixExec.pif or FixExec.scr.

Now to terminate malicious processes that may interfere with running anti-malware tools.

Please download Rkill by Grinler and save it to your desktop.
Link 1
Link 2
Double-click on the Rkill desktop icon to run the tool.
If using Vista, right-click on it and Run As Administrator.
A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
If not, delete the file, then download and use the one provided in Link 2.
If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
If the tool does not run from any of the links provided, please let me know.
Do not reboot the computer, you will need to run the application again.

>>>>MiniToolBox

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of ... Read more

18 more replies
Relevance 34.03%

ISSUE RESOLVED
 
Computer: HP Pavilion P6142P
AMD 64: Phenom X4 w/ Nvidia gpu
OS: Vista 64 SP2
 
Original Issue:
Computer boots, but with Antivirus Security Pro and possibly other PUPs
 
Not feeling it today and need some help. Logs attached as .zip. I am new here, please direct me to the correct forum if this is not correct procedure. I am happy to follow any and all directions.
 
This post has been moved from VISTA forum.

Answer:HP Vista SP2 - Malware / Rootkit

Closed per OP request.
 
Louis

1 more replies
Relevance 34.03%
Question: vista home malware

I have a Vista laptop and I have AVG and Spybot on my computer, but Vista Home Security comes up on my task bar at the bottom, which I don't have on my computer. It comes up saying I have over 50 different things including malware, trojans and worms, which I think is malware, and when I think I have removed it, it pops back up after a reboot. I really need to know how to get rid of this problem. Whenever I try to log on to the internet it brings up the search engine but then kicks me out. I'm currently using my friend's computer to post this problem, so if anybody can get back to me and tell me what I have to do, because I haven't a clue and it's doing my head in!!!!!!! Thanks

Answer:vista home malware

Hello and Welcome.

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a "Having problems with spyware and pop-ups? First Steps" link at the top of each page.

---------------------------------------------------------------------------------------------

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

1 more replies
Relevance 34.03%

So I ended up with a Dell laptop that had Vista as its only O/S option---purchased one month BEFORE Michael Dell decided to also offer XP because Vista is that horrible. I tried to get XP again, but of course, instead I would have to purchase XP (with a 75$ credit) for 225 dollars.

Ha.
In any case, my computer is working really really really slow---svchosts.exe takes up most of my resources (like 125,000k of them) and I'm wondering if malware is to blame, even though I have no popups or anything like that. Here's the hijackthis log:

The laptop is slower than my 4 year old desktop now...which shouldn't be the case!


More replies
Relevance 34.03%

Antivirus 2010 was involved, when I first got a look at this computer. It is a friend's. He seems to have gotten rid of the popups, but we still get reports of rootkits and other stuff, so here I am. I downloaded the utilities from here, put them on a thumb drive, ran them on the infested computer, saved the logs on the thumb drive, so I could post them here.

Answer:malware infestation in vista

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.

We need to create an OTL Report

Please download OTL from one of the following mirrors:
This is THE Mirror
Save it to your desktop.
Double click on the icon on your desktop.
Click the "Scan All Users" checkbox.
In the custom scan box paste the following:
CODE
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%systemroot%... Read more

Relevance 34.03%

Hello,

This is my first post on this site and I hope you guys can help me. OS is VHP, problem is malware. I've looked in other posts on this site but cannot get past one of the recommended steps.

Here's what's happening.

Computer BSOD and reboots every 10 mins.
Kaspersky finds tdss.asz and tdss.atb but cannot delete.
Go into Safe Mode with Networking and PC doesn't reboot - all good. Try going onto Internet and cannot download Malwarebytes using IE or Firefox. I loaded it onto usb stick, renamed exe files and it found and deleted tdss. Came back on reboot. This is when I checked the forums. It said to disable tdssserv in device manager but the option is greyed out. This is where I'm stuck. Cannot install SDfix as it says it's only for XP and 2K. Cannot install Combofix as I get error 'Windows cannot find 32788R22FWJFW\nircmd.com'. This is all happening in Safe Mode because it's the only way I can make the PC stable. I removed Kaspersky (on their advice. I know I should've stopped services). I have admin rights but the tdssserv is still greyed out even in normal PC mode. All other options in hidden devices in device manager have the option to disable, etc;

Answer: TDSS.ASZ malware in Vista

Dr Web you are the BEST!!
Ran it, never come across it before, computer's been up for 30mins - so far so good. Now to get Kaspersky back on.

Relevance 34.03%

Here is my Hijack this log
any help would be appreciated.

Relevance 34.03%

I want to check if I have a malware problem, please let me know if anyone can help me. I recently took my laptop to a store, and they did some things with combo fix, I have been in this situation before, and have learned that I had a rootkit, and that it has 3 parts, and I just want to know the place that I took it to didn't miss any parts to the malware that might have been missed in a regular scan. Thank you.

Answer: Windows Vista malware

Please post in the Am I Infected forum.

Relevance 34.03%

Hi

If I use system restore and go back to a point say 5 days ago (that is 5 days before I picked up this malware) will that remove it from my PC?

olderbutnotwiser

Answer: Vista antivirus malware

Sometimes this method of recovery works but other times it may not since System Restore was not designed to be a virus or malware removal tool. Whether it will be successful depends on what type of infection you are dealing with, what damage the malware has already caused, whether it disabled System Restore and if not, and what is restored during the process.

This is what mvps.org has to say:

Can I use System Restore to remove virus or malware infection?

NO. System Restore was not designed to be a virus or spyware removal tool and should not be depended on.

Generally it's better to leave System Restore alone until the machine is clean and stable. However, in some cases, using System Restore may return some system stability if you are having problems running disinfection tools or booting up. If you are able to successfully use System Restore to return to a previous state there is no guarantee your computer will not still be infected. As such, you should immediately perform scans with your anti-virus and anti-malware tools afterwards, then monitor your system for any signs of infection.

Relevance 34.03%

Noticed some malware programs like b.exe, h.exe, and msb.exe to name a few. I use Vista 64 and attached the report after running ots.exe. Can you help?

Answer: Need Malware Help 64bit Vista

Hi,

Please do the following:

Start OTS
Copy/Paste the information inside the quotebox below into the panel where it says "Paste fix here" and then click the Run Fix button.



Quote:




[Kill All Processes]
[Unregister Dlls]
[Registry - Safe List]
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
YY -> {201f27d4-3704-41d6-89c1-aa35e39143ed} [HKLM] -> C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll [AskBar BHO]
YY -> {500BCA15-57A7-4eaf-8143-8C619470B13D} [HKLM] -> C:\Users\karen\AppData\Local\Temp\msxml71.dll [XML Class]
YN -> {5C255C8A-E604-49b4-9D64-90988571CECB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
YN -> {677B2F03-2A72-4C1B-8CE1-5D8CBC3A28D3} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar
YY -> "{3041d03e-fd4b-44e0-b742-2d9b88305f98}" [HKLM] -> C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll [Ask Toolbar]
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-1411750938-3946630512-2179654105-1000\] > -> HKEY_USERS\S-1-5-21-1411750938-3946630512-2179654105-1000\Software\Microsoft\Internet Explorer\Toolbar\
YY -> WebBrowser\\"{3041D03E-FD4B-44E0-B742-2D9B88305F98}" [HKLM] -> C:\Program Files (x86)\AskBarDis\bar\bin\askB...

Relevance 34.03%

Yesterday my desktop went blank when I was working with some software, reboot would start and I could access programs while loading, for about 2 minutes, then windows explorer would shut down and my desktop would go blank. After much cleaning with adaware and regclean I found I had malware on my computer. I still cannot boot windows normally, the same thing happens. I can only start my computer in special recovery mode now. After reading in these forums I decided that my problem was similar to others and ran a report through combofix. Of course I have no idea how to read it. Here it is though:


Answer: Malware? removal vista please help

OK, my advice is to ask the folks on here: http://www.techsupportforum.com/f50/ You do have some things on your drive that are not worked with on this forum. I would ask you to read the rules and stickies as to how the forum works. Good luck.

Relevance 34.03%

My daughter has a computer that had the genuine Vista OS already installed. She recently had to have it fixed due to a hard disk failure. The repairer (also genuine and reliable) had to reinstall Vista using the key etc.

Everything worked OK but this week she has started to get a warning about copyright. I apologise at this point for inadequate detail but I am trying to get background before I go round there.

I haven't seen it yet but I am suspicious because it does not ask her to input a key but threatens consequences if she doesn't take action within 3 days.

I have come across this malware warning on the net and wondered if this could be the problem
http://www.bleepingcomputer.com/virus-removal/remove-i-q-manager

Answer: vista copyright malware

Hello, and welcome to Computer Hope Forums!

I'm Crush but, you can call me Chris too and I will be helping you with your Malware issues

Please note the following information about the malware forum:

Only members of the Malware Removal Specialist user group are allowed to give advice on removing malware from your computer. Do not follow the advice of anyone without that user title.
From this point on, please do not make any more changes to your computer; such as install/uninstall programs, use special fix tools, delete files, edit the registry, etc. - unless advised by the staff I noted above. Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
If you have already asked for help somewhere, please post the link to the topic you were helped.
We try our best to reply quickly, but for any reason we do not reply in two days, do this:
Reply to this topic with the word BUMP.
Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close, and your computer is declared clean.

Now that we have that out of the way:

We are going to be using a Windows Recovery Environment to help disinfect the system so it may boot again.

Download the OTLPE Standard REATOGO Windows Recovery Environment.
Place a blank CD-R disc in to your CD burning drive.
Download OTLPEStd.exe and double-click on it to burn to a CD using I...

Relevance 34.03%

Ok well I should begin by saying that this laptop:

Has a cracked screen and I'm using an external Monitor for use. The laptop screen is totally damaged except the upper left corner.

This means, every time I boot it up from crashing I can still see when Windows boots up and guess what option to choose from trial and error.

Finally when luck turns my way, the laptop begins showing signs of booting, until this pops up before I even get a chance to log-in:

And for some reason those login errors stopped & I've successfully logged in with no problem after trying a lot.

Except when I did login to my account, my background and the icons on my desktop all turned black:

I immediately ran 'CCleaner' for registry which did nothing. And keep in mind, all this while my CPU Usage is clocking at 100% almost all of the time. So then ran the latest 'Malwarebytes' Anti-Malware' on a full scan on my hard-drive twice.

First log:

Relevance 34.03%

I'm trying to help my parents' computer that had Vista Defender Pro Malware installed on it. It is a never ending amount of antivirus windows popping up trying to get them to buy an update for the program. I was able to run the DDS.txt program successfully, but while running the GMER.exe the computer ran out of memory? and restarted itself. Here are the files from the DDS run.



Answer: Vista Defender Pro Malware

Hello

It may be helpful for you to print out or take a copy of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Vista and Win 7 Users please Right Click and run as Admin all programs that I ask you to run

Please download DeFogger to your desktop.

Double click DeFogger to run the tool. The application window will appear
Click the Disable button to disable your CD Emulation drivers
Click Yes to continue
A 'Finished!' message will appear
Click OK
DeFogger will now ask to reboot the machine - click OK
IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.

Do not re-enable these drivers until we have finished the cleaning of this computer.

I would like you to delete the Gmer you have now and download this version from here.

GMER:

I would like you to download this "special version of gmer." and save it to your desktop.
Double click GMER.exe. If asked to allow gmer.sys driver to load, please consent.
If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO, then use the following settings for a more complete scan..
In the right panel, you will see several boxes that have been checked. Uncheck the following ...
Sections
IAT/EAT
devices(don't miss this one) <--this one is different than the picture
Drives/Partition other than Systemdrive (typically C:\)
Show All (don't...

Relevance 34.03%

Hi you guys. This is my first time posting on a tech support forum, so please forgive any unintentional etiquette breaches. I've had what I understand is a common malware issue with a vista security imposter. I've run rkill and MalwareBytes, which helps for a little, but the problem returns. I tried to follow some more complicated advice given to another poster on this forum, but didn't see any improvement (I expect because the advice was specific to that person's situation and the logs they posted.)
I'm pasting TGS SysInfo results and hijackthis log below.
Thanks so much for any help you can give me!

Tech Support Guy System Info Utility version 1.0.0.1
OS Version: Microsoft® Windows Vista™ Home Premium , Service Pack 2, 64 bit
Processor: Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz, Intel64 Family 6 Model 15 Stepping 13
Processor Count: 2
RAM: 3998 Mb
Graphics Card: Mobile Intel(R) 4 Series Express Chipset Family, 1807 Mb
Hard Drives: C: Total - 225939 MB, Free - 121242 MB; D: Total - 12531 MB, Free - 2008 MB;
Motherboard: Wistron, 3612, 09.50, 2CE9121B5Q
Antivirus: McAfee VirusScan Enterprise, Updated: Yes, On-Demand Scanner: Enabled

Answer: Vista security malware

Relevance 34.03%

Dear Virus experts,

My laptop is running on Vista and got infected by the wretched ave.exe virus. I have Windows Defender and Virgin Broadband PC Guard but these failed to clean it. It's bringing up the usual fake infection pop ups although some of them appear to be stopped by PC Guard. I wasn't sure if it would start corrupting other files so took desperate measures to isolate the virus by frantically googling for a fix tool. I downloaded what I thought was a fix but it turned out to be a trial version of the "Spyware Doctor" program. This has identified and blocked the virus but in order for this anti-virus program to complete its cleaning and fixing process, I am being asked to pay and register for the full edition. I don't want to buy it as I already have PC Guard and I think it is a bit of a cheek to trick me into downloading Spyware Doctor and then forcing me to purchase it to clear the virus.

Anyway, I'm keeping the trial Spyware Doctor package switched on for the time being to prevent the infection spreading or doing anything nasty. Everything is up-to-date on my machine, i.e. Windows Defender and PC Guard so it is disappointing that they didn't catch or disinfect the virus.

1. Does anyone know of a way to clear this without me having to purchase another antivirus software?
2. Is there anything I can do to catch this virus in the future?

I look forward to your reply.

Nb. There was nothing dodgy in the website I visited from which I believe this...

Answer: ave.exe virus/malware on Vista

First, Download rkill.com to your desktop.

Double-click on the rkill.com in order to automatically attempt to stop any processes associated with Rogue programs. Please be patient while the program looks for various malware programs and ends them. When it has finished, the black window will automatically close and you can continue with the next step. If you get a message that rkill is an infection, do not be concerned. This message is just a fake warning given by these Rogue programs when it terminates programs that may potentially remove it. If you run into these infections warnings that close Rkill, a trick is to leave the warning on the screen and then run Rkill again. By not closing the warning, this typically will allow you to bypass the malware trying to protect itself so that rkill can terminate these Rogue Programs. So, please try running Rkill until malware is no longer running. You will then be able to proceed with the rest of the instructions.

Scan for Spyware/Adware

The process of cleaning your computer may require you to temporarily disable some security programs. If you are using SpyBot Search and Destroy, please refer to Note 2 at the bottom of this page.

Please download Malwarebytes Anti-Malware Free version and save it to your desktop.
NOTE: Before saving MBAM please rename it to zztoy.exe....now save it to your desktop.
alternate download link 1
alternate download link 2

Make sure you are connected to the Internet.
Double-click on mbam-setup.exe to install the applic...

Relevance 34.03%

Vista Home Premium (x64) SP 2
Firefox 20
Hi. I'm using Trusteer Rapport and it has reported some problems over the past week. It activated anti-keylogging three times when I logged into my banking and credit card websites. It also blocked a screen capture when I logged into Amazon. I have twice lost access to my keyboard and mouse.
 
Both Virgin Media anti-virus and Spybot S&D report no problems. The first couple of times I tried running Malwarebytes it stopped responding after 30 seconds and started up again around 2 minutes later. It's now working ok and not reporting any problems.
 
Any help is gratefully appreciated. Here's the DDS report -
 

Answer: I have a keylogger plus possible other malware (Vista)

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.

===

Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Link 1
Link 2

IMPORTANT !!! Save ComboFix.exe to your Desktop

1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
3. Do not install any other programs until this is fixed.

How to : Disable Anti-virus and Firewall...
http://www.bleepingcomputer.com/forums/topic114351.html

Double click on ComboFix.exe and follow the prompts.
When finished, it will produce a report for you.
Please post the C:\ComboFix.txt

Note: Do not mouse click ComboFix's window while it's running. That may cause it to stall
Note: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html
Note: If after running ComboFix you get this error message "Illegal operation attempted on a registry key that has been marked for deletion." when attempting to run a program all you need to do is restart the computer to reset the registry.

===

Third party programs if not up to date can be the cause of infiltration an infection.
Please run this security ...

Relevance 34.03%

I started performing the steps in the Malware Removal Guide. Everything worked fine until I got to the Vista & Windows 7,8,10 Malware Removal/Cleaning.

In step 1, Downloading Tools. I could not or didn't know how to download them to the desktop. So I let them go to my download folder then copied them to my desktop (except for MGTOOLs, which I copied to C:\). I already had MBAM installed but still downloaded it then copied to my desktop and renamed it MB.EXE.

In step 3, I tried to start RogueKiller. Right click/Run as administrator but nothing started. I also attempted to start the rest of the tools, all took me to a run/start screen except TDSSkiller -- I didn't start them. So I deleted both RogueKiller and TDSSKiller and downloaded them again.

I tried to start RogueKiller.exe again. It did not start. I have stopped at this point. Any suggestions on what I should do?
 

Answer: Malware In Windows Vista.

I went back and watched download video by TimW and after deleting all of the previous download software, I downloaded them to the proper locations.

RogueKiller.exe still did not start. So I am still stopped at this point. HELP please
 

Relevance 34.03%

Hi,

I just put together a new machine with Vista and things actually went very well compared to other machines I have built myself. A couple of things related to security I'm not totally clear on -

When you go to the control panel-security settings, it advises you that the missing piece of Vista security is the virus checker. I did a small amount of research and although I hate to throw even more money at MS, I decided to go with MS Live OneCare (free trial).

Live OneCare was a little confusing to me at first...it seemed to duplicate a lot of things that Vista takes care of, I suppose this makes it look better than its competitors. From what I understand it overrides the scheduling of the Vista based maintenance items like defrag, update etc.

At the point that I loaded the OS + Office, my computer was blazingly fast, much faster than my work computer which is a 3.0 Gig Pentium 4 (mine is 2.4Gz Core Duo). However, since then almost any operation brings up the "hourglass" for 1-3 secs. I think the only difference is Live OneCare but I need to disable or uninstall it to be sure. Is this just the price you pay for virus protection? I assume work computers are largely protected at the firewall so they will always be faster for a given machine?

Also, another Vista "expert" recommends running Spybot for malware detection. From what little I know however, Spybot is not enough by itself because it is not continuously looking for malware. It is someth...

Answer: Vista malware protection

If I were you I'd ditch the OneCare and get Antivir for virus protection (for free) or buy Kaspersky AV. Both are highly rated and recommended by many on this forum. For spyware protection it's recommended to run more than one program because no single spyware app can catch all the stuff out there. I use Windows Defender and also run SuperAntiSpyware weekly.
 

Relevance 34.03%

Hi All,

I ran all the programs as described in the Vista, Win 7 and Win 8 Malware Removal/Cleaning Procedure thread by Chaslang. Issues I'm having are - about a week ago computer started going super slow, very long boot times, explorer.exe crashing and will not upload service pak2 and lots of errors and warnings in event viewer. Only thing I did was update my webroot, my kids say they didn't download anything. Also when going through things I found 240 folders in my system32 folder with Chinese writing but nothing in the folders, I've since deleted all the folders, currently I have about 90 processes running and under physical memory it says I have 2930, 2011 cached and 0 free, cpu usage runs about 40 to 60%. Do I post the txt files here?

About computer -
Gateway GT5426E
AMD Athlon 64 x2 dual core processor 5200 2.6ghz
3 g Ram
32 OS
A/V S/W webroot
 

Answer: Malware on Vista help needed

Yes, you ATTACH the requested files.
 

Relevance 34.03%

I have run all the steps and recovered all my files and desktop items....except my recycling bin. Anyone know where it has gone? Also there is a desktop icon for Windows Vista Recovery, how do I get rid of the program entirely?

Relevance 34.03%

Hey all, new to the forums, but you guys seem incredibly well-versed.

Anyways, I contracted a few viruses the other day from a bad program, and, while AVG assured me that it had blocked them and several scans turned up nothing, I wasn't so assured. Nevertheless, after it blocked several communications attempts and other such things, I turned off my internet and did some scanning. With ctrl+alt+delete, I stopped some clearly fishy processes, located their sources to files that had been updated that night (around 2-3 AM, the 28th) and got rid of those.

Still not convinced, I surfed around to look up some of the viruses. The next morning (this morning) my computer started blocking more viruses again, so it didn't seem like I'd gotten them all. Nevertheless, after some more of the same conduct as above (scanning and deletion), I wound up getting Combofix, uninstalling AVG, turning off the web and running that.

After that, it deleted a few files. I had to turn on internet in order to fetch AVG again. It says not to post combofix results unless asked to, but I have those if they would help. I would appreciate it if they could be reviewed.

Specifically, I would like it if somebody could aid me in determining whether or not I've gotten my computer cleaned... obviously this post doesn't have enough information as is, so I await your insights and requests (even if it's just asking to see the log)

Other relevant details would include that I have had a previous ...

Answer: Vista Check- Did I get rid of all my malware?

Hi,

Sorry for the delay in responding to your topic.

Let's use another anti-malware program to see if it detects anything on your computer.

Please download Malwarebytes Anti-Malware (v1.44) and save it to your desktop.
Download Link 1
Download Link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

Make sure you are connected to the Internet.
Double-click on mbam-setup.exe to install the application.
For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
When the installation begins, follow the prompts and do not make any changes to default settings.
When installation has finished, make sure you leave both of these checked:
Update Malwarebytes' Anti-Malware
Launch Malwarebytes' Anti-Malware
Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.

On the Scanner tab:
Make sure the "Perform Quick Scan" option is selected.
Then click on the Scan button.
If asked to select the drives to scan, leave all the ...

Relevance 34.03%

Hi Guys,

I'm pretty sure I have a Malware Issue.

Symptoms Involve:
* Website Re-Directing (from Google Searches)
* Unknown Fake Anti-Virus
* Hidden Files
* Slow computer!

please help!

MBAM log File below:

Answer: Vista - Malware Issue

Hello,

Please follow the instructions in ==>This Guide<== starting at step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then post them in a reply to this topic by using the Add Reply button.

If you can produce at least some of the logs, then please create the post and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the reply and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Please note that I am not a member of the Malware Removal Team and will not be assisting you in removing the infection. I'm simply helping you to post the information they need in order to assist you.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

Orange Blossom
