Computer Support Forum

Web Browsers Intermittently Hijacked. Malware undetectable by Incumbent Anti Spyware and Anti Virus

Question: Web Browsers Intermittently Hijacked. Malware undetectable by Incumbent Anti Spyware and Anti Virus

Hello. My Laptop has Windows XP SP3. I have both Windows Defender and Spy Sweeper for anti spyware and Norton Anti Virus. The problems started a few days ago when a weekly scan of the antivirus reported the following. 1/14/2010 20:06 23ecd795-1c985b76 ?????? Compressed file Quarantined admin C:\Documents and Settings\admin\Application Data\Sun\Java\Deployment\cache\6.0\21\ Still contains 3 infected items Quarantine Clean virus from file Quarantine infected file Scheduled scan The file was quarantined successfully. 1/14/2010 20:06 myf/y/TrewsdF.class Downloader File; Compressed file Quarantined admin C:\Documents and Settings\admin\Application Data\Sun\Java\Deployment\cache\6.0\21\23ecd795-1c985b76 Infected Quarantine Clean virus from file Quarantine infected file Scheduled scan The file was quarantined successfully. 1/14/2010 20:06 myf/y/LoaderX.class Downloader File; Compressed file Quarantined admin C:\Documents and Settings\admin\Application Data\Sun\Java\Deployment\cache\6.0\21\23ecd795-1c985b76 Infected Quarantine Clean virus from file Quarantine infected file Scheduled scan The file was quarantined successfully. 1/14/2010 20:06 myf/y/AppletX.class Downloader File; Compressed file Quarantined admin C:\Documents and Settings\admin\Application Data\Sun\Java\Deployment\cache\6.0\21\23ecd795-1c985b76 Infected Quarantine Clean virus from file Quarantine infected file Scheduled scan The file was quarantined successfully. Nothing seemed out of the ordinary at that time after the quarantine/removal process. However, a couple of days ago, my web browser search results started getting hijacked. And my Norton Antivirus virus definition files seem to update but the "LiveUpdate" fails with LU1847 and i cant seem to fix it.PLease advise and Help.I have gone through the preparation guide. DDS.txt is below and the other two logs have been uploaded as attachments. I could not attach the kaspersky scan log as the online scanner is currently unavailable on their website.DDS (Ver_09-12-01.01) - NTFSx86 Run by admin at 15:29:18.29 on Mon 01/18/2010Internet Explorer: 8.0.6001.18702Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.159 [GMT -6:00]============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exe -k netsvcsC:\WINDOWS\system32\svchost.exe -k WudfServiceGroupsvchost.exeC:\WINDOWS\System32\svchost.exe -k eapsvcssvchost.exeC:\WINDOWS\System32\svchost.exe -k dot3svcC:\WINDOWS\System32\wltrysvc.exeC:\WINDOWS\System32\bcmwltry.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\WINDOWS\system32\spoolsv.exesvchost.exeC:\Program Files\Symantec AntiVirus\DefWatch.exeC:\Program Files\iPass\iPassConnect\iPCAgent.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\Program Files\NELicense\LicenseManagement.LicenseService.exeC:\WINDOWS\system32\nvsvc32.exeC:\Program Files\Symantec AntiVirus\SavRoam.exeC:\Program Files\Symantec AntiVirus\Rtvscan.exeC:\Program Files\VERITAS\Backup Exec\RANT\beremote.exeC:\WINDOWS\system32\CCM\CcmExec.exeC:\Program Files\Webroot\Enterprise\Spy Sweeper\SSU.EXEC:\WINDOWS\Explorer.EXEC:\Program Files\Common Files\Symantec Shared\ccApp.exeC:\PROGRA~1\SYMANT~1\VPTray.exeC:\WINDOWS\system32\WLTRAY.exeC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\Java\jre6\bin\jusched.exeC:\Program Files\iPass\iPassConnect\downloader\ipccheck.exeC:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exeC:\WINDOWS\system32\ctfmon.exeC:\PROGRA~1\Cacheman\Cacheman.exeC:\Program Files\Webroot\Enterprise\Spy Sweeper\spysweeper.exeC:\Program Files\Webroot\Enterprise\Spy Sweeper\SSU.EXEC:\Program Files\Common Files\Real\Update_OB\realsched.exeC:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\WINDOWS\System32\vssvc.exeC:\WINDOWS\system32\dllhost.exeC:\WINDOWS\system32\dllhost.exeC:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exeC:\Program Files\Symantec\Norton Online Backup\NOBuClient.exeC:\Documents and Settings\admin\Desktop\dds.scr============== Pseudo HJT Report ===============uStart Page = hxxp://www.google.com/uInternet Connection Wizard,ShellNext = iexploreuInternet Settings,ProxyServer = proxy.stc.com.sa:8080uInternet Settings,ProxyOverride = *.tesa;10.*;<local>BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dllBHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dllBHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dllBHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllBHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dllTB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dllEB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - No FileuRun: [ctfmon.exe] c:\windows\system32\ctfmon.exeuRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /backgrounduRun: [Cacheman] c:\progra~1\cacheman\Cacheman.exeuRun: [updateMgr] "c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1uRun: [Performance Center] c:\program files\ascentive\performance center\APCMain.exe -muRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messenger\YahooMessenger.exe" -quietmRun: [NvCplDaemon] "RUNDLL32.EXE" c:\windows\system32\NvCpl.dll,NvStartupmRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"mRun: [vptray] c:\progra~1\symant~1\VPTray.exemRun: [Dell Wireless Manager UI] c:\windows\system32\WLTRAYmRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hidemRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"mRun: [nwiz] "nwiz.exe" /installquietmRun: [AdaptecDirectCD] "c:\program files\roxio\easy cd creator 5\directcd\DirectCD.exe"mRun: [SpySweeperEnterprise] "c:\program files\webroot\enterprise\spy sweeper\\SpySweeperUI.exe"mRun: [CitiUCS] "c:\program files\virtual account numbers\CitiUCS.exe" /dontopenmycardsmRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osbootmRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -kmRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"mRun: [NortonOnlineBackup] c:\program files\symantec\norton online backup\NOBuClient.exedRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -tStartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ipassc~1.lnk - c:\program files\ipass\ipassconnect\IPassConnectGUI.exeIE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000IE: {4C730923-3961-439b-83D5-F4E445520422} - c:\program files\virtual account numbers\CitiUCS.exeIE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exeIE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exeIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLLDPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cabDPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cabDPF: {2555E1B6-9E3B-11D5-B442-0050DA74F67C} - hxxps://mydesktop.level3.com/Citrix/MetaFrame/default/UniPrintWebVC.cabDPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dllDPF: {44990301-3C9D-426D-81DF-AAB636FA4345} - hxxps://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlsr.cabDPF: {474F00F5-3853-492C-AC3A-476512BBC336} - hxxp://picasaweb.google.com/s/v/30.66/uploader2.cabDPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} - hxxp://www.linkedin.com/cab/LinkedInContactFinderControl.cabDPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1193611818352DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cabDPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cabDPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} - hxxp://www.crucial.com/controls/cpcScanner.cabDPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cabDPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cabDPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabNotify: NavLogon - c:\windows\system32\NavLogon.dllNotify: WRNotifier - WRLogonNtf.DLLSSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dllSEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\window~4\MpShHook.dll================= FIREFOX ===================FF - ProfilePath - c:\docume~1\admin\applic~1\mozilla\firefox\profiles\x4n0nyql.default\FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dllFF - plugin: c:\documents and settings\admin\application data\move networks\plugins\npqmp071503000010.dllFF - plugin: c:\progra~1\yahoo!\common\npyaxmpb.dllFF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\---- FIREFOX POLICIES ----c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);============= SERVICES / DRIVERS ===============R1 SAVRT;SAVRT;c:\program files\symantec antivirus\savrt.sys [2004-2-9 301200]R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccEvtMgr.exe [2004-2-29 255096]R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSetMgr.exe [2004-2-29 242808]R2 iPCAgent;iPCAgent;c:\program files\ipass\ipassconnect\iPCAgent.exe [2005-10-28 90112]R2 MDC80211;iPass Protocol (IEEE 802.1x) v2.3.1.9;c:\windows\system32\drivers\mdc80211.sys [2005-10-28 15793]R2 NetWork Engineer License Manager;Network Engineer License Manager;c:\program files\nelicense\LicenseManagement.LicenseService.exe [2007-10-12 20480]R2 NOBU;Norton Online Backup;c:\program files\symantec\norton online backup\nobuagent.exe service --> c:\program files\symantec\norton online backup\NOBuAgent.exe service [?]R2 SavRoam;SAVRoam;c:\program files\symantec antivirus\SavRoam.exe [2004-3-12 169192]R2 SAVRTPEL;SAVRTPEL;c:\program files\symantec antivirus\Savrtpel.sys [2004-2-9 37008]R2 Symantec AntiVirus;Symantec AntiVirus;c:\program files\symantec antivirus\Rtvscan.exe [2004-3-12 1221864]R2 WebrootSpySweeperService;Webroot Spy Sweeper Engine;c:\program files\webroot\enterprise\spy sweeper\SPYSWEEPER.EXE [2007-1-15 3086400]R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]R3 Eacfilt;Eacfilt Miniport;c:\windows\system32\drivers\eacfilt.sys [2005-10-28 9817]R3 GTICARD;GTICARD;c:\windows\system32\drivers\gticard.sys [2003-2-6 59328]R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20100117.002\naveng.sys [2010-1-17 84912]R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20100117.002\navex15.sys [2010-1-17 1323568]S2 IPSECEXT;Nortel Extranet Access Protocol;c:\windows\system32\drivers\ipsecw2k.sys [2005-10-28 117760]S2 WebrootCommAgentService;Webroot CommAgent Service;c:\program files\webroot\enterprise\spy sweeper\CommAgent.exe [2007-1-15 879680]S3 ccPwdSvc;Symantec Password Validation;c:\program files\common files\symantec shared\ccPwdSvc.exe [2004-2-29 87160]S3 esri_sde;ArcSde Service(esri_sde);x:\arcsde91\arcsde\ora9iexe\bin\giomgr.exe [2005-3-3 65600]S3 ExtranetAccess;Contivity VPN Service;c:\program files\nortel networks\Extranet_serv.exe [2005-10-28 643072]S3 OracleOraHome92HTTPServer;OracleOraHome92HTTPServer;c:\oracle\ora92\apache\apache\Apache.exe [2002-4-18 4096]S3 OracleOraHome92SNMPPeerEncapsulator;OracleOraHome92SNMPPeerEncapsulator;c:\oracle\ora92\bin\encsvc.exe [2002-2-13 165314]S3 OracleOraHome92SNMPPeerMasterAgent;OracleOraHome92SNMPPeerMasterAgent;c:\oracle\ora92\bin\agntsvc.exe [2002-2-13 216192]S3 OracleServiceBT;OracleServiceBT;c:\oracle\ora92\bin\oracle.exe bt --> c:\oracle\ora92\bin\ORACLE.EXE BT [?]S4 OracleOraHome92Agent;OracleOraHome92Agent;c:\oracle\ora92\bin\agntsrvc.exe [2002-4-26 28944]=============== Created Last 30 ================2010-01-18 20:28:40 85838 ----a-w- c:\temp\Undo VIJAYD800 20100118 142840.Reg2010-01-18 20:01:00 0 d-----w- c:\windows\system32\NtmsData2010-01-18 19:16:21 0 d-----w- c:\docume~1\alluse~1\applic~1\XoftSpySE2010-01-18 10:02:58 0 d-----w- c:\program files\DivX2010-01-18 10:02:58 0 d-----w- c:\program files\common files\DivX Shared2010-01-13 04:50:56 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll==================== Find3M ====================2010-01-13 19:54:40 87901 ----a-w- c:\windows\system32\nvModes.dat2009-11-14 00:47:32 90112 ----a-w- c:\windows\system32\dpl100.dll2009-11-14 00:47:28 856064 ----a-w- c:\windows\system32\divx_xx0c.dll2009-11-14 00:47:28 856064 ----a-w- c:\windows\system32\divx_xx07.dll2009-11-14 00:47:28 847872 ----a-w- c:\windows\system32\divx_xx0a.dll2009-11-14 00:47:28 843776 ----a-w- c:\windows\system32\divx_xx16.dll2009-11-14 00:47:28 839680 ----a-w- c:\windows\system32\divx_xx11.dll2009-11-14 00:47:28 696320 ----a-w- c:\windows\system32\DivX.dll2009-11-03 02:42:06 195456 ------w- c:\windows\system32\MpSigStub.exe2009-10-29 07:45:38 916480 ----a-w- c:\windows\system32\wininet.dll2009-10-21 05:38:36 75776 ----a-w- c:\windows\system32\strmfilt.dll2009-10-21 05:38:36 25088 ----a-w- c:\windows\system32\httpapi.dll============= FINISH: 15:31:27.15 ===============

Relevance 100%
Preferred Solution: Web Browsers Intermittently Hijacked. Malware undetectable by Incumbent Anti Spyware and Anti Virus

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

Answer: Web Browsers Intermittently Hijacked. Malware undetectable by Incumbent Anti Spyware and Anti Virus

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.??If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine.??Please perform the following scan:Download DDS by sUBs from one of the following links.??Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explanation about the tool.??No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note:??You may have to disable any script protection running if the scan fails to run.??After downloading the tool, disconnect from the internet and disable all antivirus protection.??Run the scan, enable your A/V and reconnect to the internet.??Information on A/V control HERE

11 more replies
Relevance 86.13%

I don't know the Difference b/w Anti-Malware & Anti-Virus & Anti-Spyware.

Is ESET a Anti-Malware.

How the Users are able to Know that this antivirus can be used as Companion with any av (like CIS + EAM)
 

Answer:What is Difference b/w Anti-Malware & Anti-Virus & Anti-Spyware

long time ago, in ancient ages, where computer were barely able to reach 333Mghz , they were a distinction between Virus, malwares and spywares.

Virus is a specific term that includes items that modify your files then replicate itself and jump to another computer.

Spywares were mostly items that silently collect datas and transmit them to someone; they include cookies, trojans, adwares, monitoring tools, etc...

Malwares is a most generalist term that includes all forms of malicious items such as viruses, worms , trojans horses, rootkits, spywares, etc...

at that time security softwares were design to protect only some of these categories, for example , i had to use Avast (very basic at that time , with an interface that looks like a music player ^^) alongside Spybot Search & Destroy and Adaware (both specialized against spywares)

now these terms are obsoletes since any antiviruses/malwares are similar by detecting and cleaning all of them.
 

10 more replies
Relevance 86.13%

Hi Im new here this is my first post also my first problem

Well everything was going great no virus getting detected

I use ESET nod32, malwarebytes and SpyBot

Now my problem is that all of my protection applications wont Update

Also I can't access any protection site like Microsoft.com, Eset.com, the website of malwarebytes and Spybot
and last is that sometime (happens sometimes) computer auto shutsdown
with a timer of 60 seconds before shutdown (please save all works...)

all other applications and websites works great except for those I mentioned

HOPE u could help me if possible ASAP because I'm using my CPU for business purposes and advance thanks

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:32:38 PM, on 2/4/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\windows\system32\nvsvc32.exe
C:\windows\system32\svchost.exe
C:\windows\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\windows\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\... Read more

More replies
Relevance 86.13%

Have bad infection...need best free Anti-virus, Anti-spyware, and Anti-malware software please....

THANX

Running Windows XP
 

More replies
Relevance 86.13%

Hi Im new here this is my first post also my first problem

Well everything was going great no virus getting detected

I use ESET nod32, malwarebytes and SpyBot

Now my problem is that all of my protection applications wont Update

Also I can't access any protection site like Microsoft.com, Eset.com, the website of malwarebytes and Spybot
and last is that sometime (happens sometimes) computer auto shutsdown
with a timer of 60 seconds before shutdown (please save all works...)

all other applications and websites works great except for those I mentioned

HOPE u could help me if possible ASAP because I'm using my CPU for business purposes and advance thanks

sorry forgot my HJT Log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:32:38 PM, on 2/4/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\windows\system32\nvsvc32.exe
C:\windows\system32\svchost.exe
C:\windows\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\windows\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\I... Read more

Answer:Anti-Virus Anti-Malware and Anti-spyware not updating

Hi, welcome to TSF!

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

4 more replies
Relevance 84.97%

Hey guys ... I've searched the forums and done just about everything that I can do so far to no avail and am at my wits end with this thing.So yesterday for no reason, FireFox just decides to close. Fine, no big deal, but then I relaunched and it did it AGAIN a few minutes later. Then I got the lovely Microsoft Security Essentials error message saying that I had a Trojan in Unknown Win32. Of course, I knew that was a fake, so I tried running my Spybot S&D, but it wouldn't load. Double-click, hourglass, nothing. Suddenly, I wasn't able to launch any anti-anything software, wasn't able to get to my regedit, task manager, nor launch a browser. Eventually, in safe mode, I located the Hotfix. exe, removed it, and the error message went away.However, I'm still unable to launch ANY anti-spyware/malware/virus software. In safe mode, I did actually download, register, and install StopZilla, which found 48 objects and removed them. I rebooted and ... yeah, same thing. Currently looking into getting a refund for that piece of fun.Spybot S&D loads in my systray and does the TeaTimer real time thing that it does, but I can't RUN it for scanning. Also, I have the installer for SuperAntiSpyware, but the nifty Double-Click, Hourglass, Done trick happens when I try to launch that for installation in safe mode OR out of it.In FireFox, I'll find a result for something that looks promising, click on it, and suddenly I'll be presented with another website ... Read more

Answer:WinXP - Unable to launch/install anti-spyware anti-virus and browser hijacked

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.Double click DeFogger to run the tool. The ap... Read more

2 more replies
Relevance 83.52%

It is well known. It must not be running 2 anti-virus program at the same time.Question: I use Kasparsky Internet Security 2010 and it contains Anti-spyware and  Anti-Malware.Can i used with my Kasparsky Internet Security 2010 a separate  anti-spyware and Anti-Malware.programs such as ( Malwarebytes Anti-Malware   and SuperAntiSpyware )

Answer:anti-virus + Anti-spyware and Anti-Malware

One AV, one AS and one Firewall running resident.

11 more replies
Relevance 83.52%

First of all i would like to apologize if this topic is in wrong category, or it should not even be asked on this site. And second of all, please be patience i'm a noob looking for answers So whats all about? Well i'm meeting new terms here and i have no idea what they mean and what they do. And as anyone else i wanna be safe in this era of cyber-crime. So basically i know whats a anti-virus and a anti-spyware and that they can run together. Also i heard that 2 anti-virus don't do good but 2 anti-spyware do. So what i'm asking is, what is a anti-malware? Can a anti-malware, anti-virus, and anti-spyware run together? Could you suggest some good+free of those 3? Sorry for my bad English and being such a noob

Answer:Anti-malware, Anti-virus, Anti-spyware

Florin, you might take interest in this thread, though it may be quite a bit of reading: What's the Best Anti-virus?

It is there that they discuss all kinds of different antiviruses and coupled security software. I personally only use Microsoft Security Essentials, but I have used it along with Malwarebytes for added security in the past.

Basically, you could have your system completely locked down with lots of extra security, but in some cases it becomes a hassle because of how much your computer becomes protected and overly secured. If you prefer a speedy computer over security, generally you use less security software, but if it is the other way around, you will want beefier security software which may slow things down slightly. That link I've provided will have most everything you will need.

9 more replies
Relevance 82.07%

Hello,

I have a problem that is far beyond my limited skills. One of our people has a laptop that has either malware or a virus infecting it. Two symptoms are present: first, when using firefox web pages get redirected to advertising or to unrelated google searches; second, the machine seems more sluggish than usual.

I have tried to download anti-spyware software (e.g. Spy Sweeper, CounterSpy, MalwareBytes, Superantispyware, PC Doctor) and nothing works. In some cases such as Counterspy and PC Doctor, the executable will run but the program will not update (and thus, not allow for a scan). In other cases such as MalwareBytes, the executable simply will not run.

I have run a Trend Micro anti-virus scan. It seems to detect something but it crashes before the scan can complete. The same thing happens with Panda Activescan. Last night, I ran Panda Activescan for over 8 hours. When I woke up, the scan had frozen at the 52% point and had found 1 infected file, which it didn't appear to clean up.

Anyway, I'd really appreciate any help.
Best regards,
Jordan

Answer:HELP! -- Anti-spyware / Anti-virus doesn't work; malware crippling our machine

Uninstall all of the programs but Super Antispyware, Trend Micro and MalwareBytes AntiMalware.Find the MBAM.exe and rename it BAMM.com by right clicking on the file and choosing rename.Download the manual updates for MBAM from the link below. Double click on it to install. http://www.malwarebytes.org/mbam/database/mbam-rules.exeINSTRUCTIONS FOR USING MBAM:http://www.bleepingcomputer.com/forums/ind...t&p=1100727

1 more replies
Relevance 82.07%

Hi,I'm trying to clean my brother's computer but it is in really bad shape. I can't run Hijackthis or Malwarebytes. I was able to run a few things so I'm going to post what I've seen so far.1) The computer takes a very long time to boot up and before it is finished, there are two different error messages:DATA EXECUTION PREVENTIONTo help protect your computer, Windows has closed this program:Windows ExplorerWINDOWS EXPLORERWindows (sometimes Windows Explorer) has encountered a problem and needs to closeExplorer shuts down but immediately restarts. This may happen once or a few times.2) I installed a startup monitor to see if I could catch anything. I've gotten this message a couple of times:The program A00FC21E9.exe has registered the executable C:\\DOCUMENTS\Mark\Locals~1\Temp\_A00FC21E9.exe to run at startup.I don't allow this program to run of course.3) Firefox/Chrome/IE aren't able to go to certain sites such as firefox.com and microsoft.com, the browser just hangs there trying to load the pages. Other searches I do for spyware/anti-spyware redirect me to sites such as bestwebsearch.net or url.urtbk.com.4) Symantec Antivirus has caught a few things:Adware.ZangoSearchAdware.Gen5) I was able to install and run Spyware Doctor. It currently has the following spyware quarantined:Trojan.Virtumonde (multiple instances, it keeps coming back)Adware.MxLiveMediaWorm.P2PAgentAdware.BHO.GENAdware.AdmediaHijacker.Affili... Read more

Answer:Browsers Hijacked, Can't Run Most Anti-Spyware

Hello and welcome to Bleeping Computer.Please subscribe to your topic so that you will be notified as soon as I post a reply, instead of you having to check the topic all of the time. This will allow you to get an email notification when I reply.To subscribe, go to your topic, and at the top right hand corner by your first post, click the Options button and then click Track this topic. The bullet the immediate notification bubble. Then press submit.Please download Dr. Web the free version & save it to your desktop. DO NOT perform a scan yet.Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".Scan with Dr. Web Cureit as follows: ? Double-click on launch.exe to open the program and click Start. (There is no need to update if you just downloaded the most current version ? Read the Virus check by DrWeb scanner prompt and click Ok where asked to Start scan now? Allow the setup.exe to load if asked by any of your security programs. ? The Express scan will automatically begin.(This is a short scan of files currently running in memory, boot sectors, and targeted folders). ? If prompted to dowload the Full version Free Trial, ignore and click the X to close the window. ? If an in... Read more

12 more replies
Relevance 78.88%

Hi guys,I've spent most of the day troubleshooting a friends computer and have made very little progress. I believe her machine has some sort of root kit virus which has hijacked her browser causing redirects when following links, and prevents common anti-malware tools from operating. The system is an XP Pro machine and i think its running SP3.I wasn't even able to install anything until i killed a process called MDM.exe (Machine Debug Manager). With that process running, every time i tried to install something, it would throw a "cant write to 0000x0000xxx" error. Now at least i can install some programs. I have installed adaware, malwarebytes and emsisoft's Anti-malware. Anti-malware had some nondescript errors during the wizard, but it still went in and i was able to run the scan, but i don't know if it was compromised. So far, only Anti-Malware has turned up anything, it found a registry key for something called Dominator which is some sort of key logger. i wish i took more notes on that, but it was able to delete the entry.I was able to get malware bytes working by renaming the EXE. The quick scan has found nothing and the deep scan is going right now. I expect it to be done sometime in the morning. i hope that finds something but i have doubts.Adaware didn't seem to find anything.I also tried RKILL, but it only closed one process that was unrelated. The hosts file was also clear, i don't think any new viruses are going to use that old tr... Read more

Answer:Hijacked Browsers and anti-malware tools being blocked

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.Double click DeFogger to run the tool. The ap... Read more

15 more replies
Relevance 102.91%

Microsoft Pre-release Definition Updates

"Microsoft offers partially-tested pre-release definition updates for download before the fully-tested (released) version is available. These updates are listed below.

You can use these pre-release definitions to clean infected computers. You can also use them to protect computers that are at an immediate risk of infection. The pre-release definition update is not meant for enterprise-wide deployment.

Pre-release updates are explicitly created for malicious software threats. You should not deploy a pre-release definition update if you are not experiencing a threat for which it was explicitly created.

Note: After additional testing, certain pre-release definition updates will be released as regular definition updates. The same binary file that was used for the pre-release definition update may be used for the released definition update."

(Once you have read the above, expand the Spoiler below for URL to proceed)

Spoiler
Visit, Microsoft Pre-Release Definitions for Anti-Malware and Anti-Spyware

For Windows 8 and 8.1 users:
Please use the "Microsoft Antimalware products including Microsoft Forefront products or Microsoft Security Essentials". (64-bit users, mpam-feX64.exe | 32-bit users, mpam-fe.exe)
Screenshots posted from Windows 8.1 Update 1 (64-bit):

BEFORE





AFTER






 

More replies
Relevance 102.5%

Hey guys, as you probably know after AVG released version 7.5 anti-virus, they also released anti-malware and anti-spyware. Should I even bother downloading these, I already have Ewido Anti-Spyware, Spybot, Hijack This, Pandasoftware Activescan, and the aforementioned AVG Anti-Virus.
 

Answer:Solved: Should I bother downloading AVG Anti-Malware and Anti-Spyware?

Hi it's your call..I have enough protection already but I intend to d/load Avg Antispyware just to check it out.
As you may know Avg now own Ewido.
 

2 more replies
Relevance 101.27%

Recently from http://www.bleepingcomputer.com/forums/t/494727/superantispyware-or-malwarebytes/. Please take the poll and post suggestions for the poll here. 
 

Answer:Best Anti-Spyware/Anti-Malware/On-Demand Scanner

Hitman Pro to check scan, but needs paying for removal.   Comodo Cleaning Essentials which comes free with Comodo Internet Security for removal.

38 more replies
Relevance 101.27%

I am having the following problems:
- Many instances of "This page cannot be displayed"
- Many instances of links taking me to totally unrelated sites
- Cannot run "System Restore"
- Cannot run "Malwarebytes Anti Malware"
- Cannot run "Super Anti Spyware"
- Cannnot run "Spybot Search and Destroy"
Hope someone can help

Answer:Can't run System restore, anti malware or anti spyware

Hi shearty,Welcome to BC HijackThis forum. I am farbar. I am going to assist you with your problem.Please refrain from making any changes to your system (updating Windows, installing applications, removing files, etc.) from now on as it might prolong handling your log and make the job for both of us more difficult.Your log(s) show that you are using so called peer-to-peer or file-sharing programs. These programs allow to share files between users as the name(s) suggest. In today's world the cyber crime has come to an enormous dimension and any means is used to infect personal computers to make use of their stored data or machine power for further propagation of the malware files. A popular means is the use of file-sharing tools as a tremendous amount of prospective victims can be reached through it.It is therefore possible to be infected by downloading manipulated files via peer-to-peer tools and thus suggested to be used with intense care. Some further readings on this subject, along the included links, are as follows: "File-Sharing, otherwise known as Peer To Peer" and "Risks of File-Sharing Technology."Removal InstructionsEmpty all p2p (Bitlord, uTorrent, etc...) download folders. They might contain infected files. Please avoid using these p2p applications until the system is clean. Using these applications at this stage might lead to reinfection or infecting other users.

You have the latest version of Java (Java 6 Update 13) and it is good. Older ve... Read more

11 more replies
Relevance 101.27%

I'm always trying to keep up with the latest and greatest anti-spyware and anti-malware programs. I use Avast as my anti-virus program and for my main anti-spyware/anti-malware programs I use:

Malwarebytes' Anti-Malware
Spybot - Search & Destroy
SpywareBlaster
SUPERAntiSpyware

I also sometimes use:

Ad-Aware
a-squared
RogueRemover

Are there any other good programs I should know about? I figure the more the better!

Thanks!

Answer:Are there any good new anti-spyware/anti-malware programs?

Spyware Terminator.-- Web Security Guard is included in the download but not required. After installation you will be prompted to Enable Web Security Guard Toolbar. This browser add-on (similar to Site Advisor) is enabled by default so be sure to uncheck the box if you do not want it installed. If you install WSG by mistake, it can easily be removed later via Add/Remove Programs in Control Panel.-- If you already have an anti-virus application, there is no need to install the optional Clam AntiVirus integration. ClamAV does not have a real time scanning engine but you can integrate it into ST's Realtime Shield to include virus scanning support.However, you can overkill your system with resource heavy security programs that will drain your resources and slow down performance. Sometimes you just have to experiment to get the right combo for your particular system as there is no universal solution that works for everyone. mvps.org is no longer recommending Spybot S&D or Ad-Aware due to poor testing results. See here - (scroll down and read under Freeware Antispyware Products) Further, most people don't understand Spybot's TeaTimer or how to use it and that feature can cause more problems than it's worth.While not free, I recommend using Malwarebytes Anti-Malware and taking advantage of the Protection Module which uses advanced heuristic scanning technology to monitor your system and provide real-time protection to prevent the installation of most new malware. This technology... Read more

10 more replies
Relevance 100.45%

Hi There

Around 3 days ago i was downloading nintendo ds roms and noticed my computer lockup. i've had the antivirus pro malware before and malwarebytes cleared that up no problem but this time the infection will shut it off malwarebytes mid-scan then deny me permissions to access or modify the program again. It also does this with spybot, superantispyware and others. My web browser is hijacked also. To begin with i was locked out of the task manager but that has stopped now.

Following the advice in thread 201471, i have followed used AVPFind.bat and attached that log, run the superantispyware online scan and post the MGtools zip file.

I have tried using the super online scan but it freezes halfway, locking up the pc. i've attached a screenshot of when this happened as i'm hoping the file/registry value it was on at the time might help. IObit security 360 did find 'spyware.win32/Dropper C:WINDOWS\win32k.sys'. In fact it seems to have caught that more than once.

I'm truly grateful for any help you can offer so i'll be waiting patiently for a response.
 

Answer:'anti virus pro' type malware, cannot run AV, browser hijacked etc

Now download and save this XPsp3bu.exe to your C:\ root folder. You must do this properly. Now run the XPsp2bu.exe program by double clicking on it. You may or may not notice a quick flash of a black window. This is normal. The program runs quickly and just extracts some files we need.

Now download The Avenger by Swandog469, and save it to your Desktop.

* Extract+ avenger.exe from the Zip file and save it to your desktop

Please disable all anti-virus and anti-spyware programs while we do the following (re-enable when you are finished):

* Run avenger.exe by double-clicking on it.
* -Do not change any check box options!!
* Copy everything in the Quote box below, and paste it into the Input script here: part of the window:



Files to move:
C:\MGTools\temp\eventlog.dllmg | C:\WINDOWS\system32\eventlog.dllClick to expand...

* Now click the Execute button.
* Click Yes to the prompt to confirm you want to execute.
* Click Yes to the Reboot now? question that will appear when Avenger finishes running.
* Your PC should reboot, if not, reboot it yourself.
* A log file from Avenger will be produced at C:\avenger.txt and it will popup for you to view when you login after reboot.

Now see if you can get MGTools to run to completion:
run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

Then attach the below logs:

* C:\Avenger.txt
... Read more

1 more replies
Relevance 100.04%

Donna over at Calendar of Updates has posted a second test regarding the viability of free anti-malware and free anti-spyware programs - Malware Detections of Free Anti-Malware/Anti-Spyware

see Malware Detections of Free Anti-Malware/Anti-Spyware - Calendar Of Updates

For those who don't know, Donna also previously posted another test, Rogue Detections: Old, Not So Old and New Threats
see Rogue Detections (old, not so old, new threats) by malware scanners - Calendar Of Updates

Answer:Malware Detections of Free Anti-Malware/Anti-Spyware

Hi John

Looks like a fairly good test, unfortunately it's on an XP box. Do you know if they plan on running one on a Vista system, since the way that many malware works will affect it's viability on Vista systems?

Thanx for the link! Still lots of good info there for our members.

7 more replies
Relevance 100.04%

Hey guys, my other computer is infected with the Vista Anti-Spyware 2011 rouge anti spyware. I have tried to run MBAM with no luck (the malware opens up instead of MBAM) I am currently trying to see if it will work in Safe Mode. Also, this is my other computer and because of the virus it has no internet access (anytime I try to navigate to a page the malware pops up) so please keep that in mind as you're giving instructions.

Thanks a lot guys
 

Answer:Virus/Malware: Vista Anti-Spyware 2011 (rouge spyware)

Alright, so this is just and update and a bump since I haven't had any replies in 24 hours

I tried to run MBAM in safe mode and the virus still popped up so this thing is pretty entrenched. Help me out here guys, thanks
Thanks
 

2 more replies
Relevance 100.04%

Hello, I consider myself a fairly advanced computer user, but I'm having an issue I'm 99% sure is MalWare related. My laptop freezes CONSTANTLY, sometimes out of nowhere, and sometimes when I walk away for 5 minutes. I have tried numerous times to run AVG, Ad-Aware SE, and both freeze shortly after the scan starts (also tried in SAFE MODE). Now sometimes I can browse the we for hours, but as soon as a start a scan, install, or update, these issues are more common. I am fairly confident that this is not a hardware issue, since I've ran advanced diagnostics on them all, including BIOS. I have a HiJack This Log, and help would be greatly appreciated!

HiJackThis.log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:17:22 AM, on 9/22/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\snmp.exe
C:\WINDO... Read more

Answer:Unable to Run ANY Anti-Virus or Anti-Spyware programs, Comp freezes every 5 minutes.

BUMP!

--sorry, I'm desperate.
 

3 more replies
Relevance 100.04%

According to a story at Washingtonpost.com, the latest definitions for Microsoft's Anti-Spy flags Symantec's Norton Antivirus as a trojan and prompts users to delete essentials of the program. Users who follow the instructions hose their installation of Norton, requiring Windows registry edits and complete removal/reinstallation of Norton.

Microsoft's support forum is filling up with complaints, many from businesses that have been hard hit. This should be a cautionary note about deploying beta products in production environments.
 

Answer:READ!!!Microsoft Anti-Spyware Deleting Parts of Norton Anti-Virus

8 more replies
Relevance 100.04%

Hello!

I've been doing a springclean for my PC, and I would be grateful if someone would check my hijack this log for problems.

I've run all of my anti-spyware and AVG programes first. But, I have a question: after my programes have scanned for problems and put all the bad stuff into quarentine, do I need to do anything else with them?

I'm not sure if I should be trying to find ways of removing trojans etc. or if it is ok to just leave them in the quarentine area indefinatly.

Thanks for your help!

-------------

Logfile of HijackThis v1.98.2
Scan saved at 13:43:41, on 24/04/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\AntiVirusKit\AVKService.exe
C:\Program Files\AntiVirusKit\AVKWCtl.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\pctspk.exe
C:\Program Files\AntiVirusKit\AVKPOP.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\WINDOWS\System32\ctfmon.exe
C:\freeserve\freeserveconnectionkit\atdialler1.exe
C:\Pro... Read more

Answer:Solved: A hijack this log, and a quick question re: anti-spyware and anti-virus programes

7 more replies
Relevance 100.04%

I recently downloaded PC Security Shield (supposedly a good anti virus program) and Spyware Terminator (antispyware) and noticed that their icons sometimes, do not show up in my system tray when I boot up. And it stays like that. I've had no icons for three days now...huh?

I've looked up this problem in the accompanying (Security Shield) help menu and it wasn't any help....but it basically states no icon = no protection....so what the bejeepers can I do to fix this problem?
 

Answer:Anti virus/anti spyware programs missing from system tray

Just a quick thought, go to start-up options and see if they are listed as due to run on start-up, if you have no suitable programme to view your start-up programmes go to run and type msconfig and check the start-up tab
 

2 more replies
Relevance 100.04%

I have just finished with my original support and probably have to reformat. However, I would like to find out what is going on or at least in some contribute to helping someone in the future so I have come here.Despite good computer hygiene, Adaware, Spybot, McAfee-now Kasperskey, CCleaner, HijackThis, updating (wondering if this might have brought in some problems), and Zone Alarm firewall, I have problems which I first noticed when I was hijacked from Paypal. This showed on my first HJT scan but disappeared without treatment shortly thereafter. My antivirus, etc., have been disabled although they LOOK as if they are working but don't so much as find a cookie anymore--except for CCleaner. Spybot doesn't find About:Blank but it showed up on the browser scan. I tried to delete it and it doesn't show on any scans but I still see it fly by the bottom of my screen as IE pages are loaded. When I go to my history or temporary files, when I can see them, they are mostly ad pages. I have tried all the usual CWShredder, etc., and they don't find anything.MWAV is the only scan that has shown much. When I submit some suspicious files from comboscan to either VirusScan or Jotti, more often than not they jam VirusScan and I get error messages from Jotti that it is either the wrong stream or the file is empty. Sometime the folders are empty. I have tried to rename them but many times I am not allowed. Sometimes when I explore I can see the folders have information but when I go... Read more

Answer:Anti-spyware & Anti-virus Disabled, Keylogger, Hijack, Worms

Download this program:submit files packerHighlight the files listed below in bold and right-click and selecting copy.C:\WINDOWS\zts2.exeC:\WINDOWS\system32\vcmgcd32.dllC:\WINDOWS\system32\iifgfgf.dllC:\WINDOWS\rundll16.exeC:\WINDOWS\rundl132.dllC:\WINDOWS\logo1_.exeC:\WINDOWS\system32\TASKMGR.COMC:\WINDOWS\REGEDIT.COMC:\WINDOWS\system32\T.COMC:\WINDOWS\R.COMC:\WINDOWS\system32\tmp.regThen start the file packer program and right click in the white box and select paste to paste the copied file names in the field.Then press the Continue button.I will create an archive with these files and a small log on your Desktop that starts with a name like requested-file[date].cab.Rename this file to yourmembername.cab (for example grinler.cab).Then go to:http://www.bleepingcomputer.com/submit-malware.phpand fill in the required fields and browse to this file on your desktop. Finally click on the Send File button.

54 more replies
Relevance 100.04%

Coranti is powered by not one, but four world-class anti-malware scan engines!
I remember reading that G-Data too had 2 AV engines included: BitDefender & Avast
Coranti 2010 Multi-Core Anti-Virus & Anti-Spyware had 4 anti-malware scanners: Bitdefender, F Prot, Norman & Lavasoft. Coranti 2010 is in beta stages and a 30 day trial version is available for download. Although its a shareware I chose to share about it here because of its unique nature of being a multi-core anti-malware!
I have not tried it but if anyone does, do share your experience here!
The installer is around 21 MB, but after installation it downloads updates and program components worth 250 MB.

Answer:Coranti 2010 Multi-Core Anti-Virus & Anti-Spyware

Coranti seems to have a long list of serious compatibility issues with many popular anti virus products, (AVG all versions, Eset, BitDefender are just a few). It is strongly advised to visit the Coranti support page before installing.

7 more replies
Relevance 100.04%

How to Remove Win 7 Anti-Spyware 2011 (Fake Anti-Virus Infections)





Quote:
If your PC is infected with the Win 7 Anti-Spyware 2011 malware or something similar, you?ve come to the right place, because we?re going to show you how to get rid of it, and free your PC from the awful clutches of this insidious malware (and many others)
Win 7 Anti-Spyware 2011 is just one of many fake antivirus applications like Antivirus Live, Advanced Virus Remover, Internet Security 2010, Security Tool, and others that hold your computer hostage until you pay their ransom money. They tell you that your PC is infected with fake viruses, and prevent you from doing anything to remove them.
This particular virus goes by a lot of names, including XP Antispyware, Win 7 Antispyware, Win 7 Internet Security 2011, Win 7 Guard, Win 7 Security, Vista Internet Security 2011, and many, many others. It?s all the same virus, but renames itself depending on your system and which strain you get infected with.


Source ...

Answer:How to Remove Win 7 Anti-Spyware 2011 (Fake Anti-Virus Infections)

Thanks for the information. I hope I never have to use it.

2 more replies
Relevance 100.04%

Hello All,I am not able to update my Zone Alarm Internet security suite for some weeks now. I was directed here from the Zone Alarm Forum. Although I can browse through most of the websites, I am not allowed to access Zone Alarm update, Microsoft update. I also tried http://www.malwarebytes.org/mbam.php and also http://downloads.superantispyware.com/down...AntiSpyware.exe but was denied access both on IE and FirexFox.Further Filemon and RootkitRevealer do not work any on my machinePlease help.Thanks

Answer:Unable to access Anti-virus updates / Anti-spyware website

Thanks guys,
All problems solved Thanks to SuperAntiSpyware.

2 more replies
Relevance 100.04%

Please help. I am working on a network and need a corporate anti-virus program and anti-spyware programs? I know McAfee and Symantec offer something, but I know the personal editions I have had a less than nice experience. Any suggestions?

Answer:Need A Corporate Anti-virus Program And Anti-spyware Programs? Any Suggestions

Take a look at this Spysweeperhttp://www.webroot.com/enterprise/products/

4 more replies
Relevance 99.63%

Hi,

I have this latop that I know if severely infected. I know for certain it has the Total Security & Windows Antivirus 2009 malware. I have also found traces of Lampsy Trojan, Biforse Trojan, Lineage-AV Trojan.

I have been able to kill these manually. I beleive there must be more infections. Whenever I try to install or run ANY type of anti-virus/spyware/malware it fails. I have tried MalwareBytes, SpyBot S&D, SuperAntispyware, Asquared and some others. These programs will either install .. IE ... the installer shuts down right away, or they will install but as soon as a scan is initiated they are shut down ... and once shut down they will not open again.

I have tried the renaming of the scan exectuable files as I read in some forums. This has no effect. No matter what I try no program will operate. I know there are still infections because regedit.exe will not start, msconfig will not start, when I right click on my computer and choose "properties" that wont load either.

I can see that iexplore.exe is running, and whenever I close it, it restarts itself without actually showing the browser. If I delete iexplore.exe from Program Files another one spawns.

I cannot boot into safemode. When I try, the drivers start to load but eventually the laptop just reboots itself after a point.

This PC just has be stumped. I would appreciate any advice. Thank you.

OS
 

Answer:Not anti-virus/spyware/malware will run

combofix
 

14 more replies
Relevance 99.63%

Hello,
 
I'm trying to decide what security package I should get; either bought, for free or a combination of bought and free.  I'd very much appreciate someone who REALLY knows what they're talking about advising me as to my best course of action.
 
Thanks!
Panoply

Answer:Hello. I'm new. Best anti-virus/malware/spyware?

 
This is what I tell folks who ask the question you have.
Choosing a security toolkit with anti-virus, firewall and anti-malware programs is a matter of personal preference, your needs, your technical ability and experience, features offered, user friendliness, ease of updating (and upgrading to new program release), ease of installation/removal, available technical support from the vendor and price. Other factors to consider include detection rates and methods, scanning engine effectiveness, how often virus definitions are updated, the amount of resources the program utilizes, how it may affect system performance and what will work best for your system. A particular anti-virus that works well for one person may not work as well for another. You may need to experiment and find the one most suitable for your use and your system. There is no universal "one size fits all" solution that works for everyone and there is single no best anti-virus.Choosing an Anti-Virus ProgramSupplementing your Anti-Virus Program with Anti-Malware ToolsChoosing a Firewall

5 more replies
Relevance 99.63%

What is A-Squadred & Windows Defender.Are they Anti-Virus Programs.
Which Best Anti-Malware,Anti-Spyware.
Is there any other Infectives other Virus,Malware,Spyware......
 

Answer:Which Best Anti-Malware,Virus,Spyware?

16 more replies
Relevance 99.63%

I used to have AVG on my PC but still got a major downloader trojan that dup'd itself and changed file names.So I spent ages yesterday re-formatting and re-installing XP after my pc crashed in it's entirity.Now I am back online and unprotected now!! OOpps!!I tried installing AVG again but it will not have it.I have no idea what to put on it as I have a copy of my mums XP on my pc.I'll put in the dxdiag for people to have a look and suggest what I need:------------------System Information------------------Time of this report: 7/29/2008, 20:37:19 Machine name: SARAH-3GGF75PDC Operating System: Microsoft Windows XP Professional (5.1, Build 2600) (2600.xpclient.010817-1148) Language: English (Regional Setting: English)System Manufacturer: ECS System Model: 945GCT-M2 BIOS: AAMMII - 8000716 Processor: Intel® Pentium® Dual CPU E2140 @ 1.60GHz (2 CPUs) Memory: 1024MB RAM Page File: 177MB used, 2285MB availablePrimary File System: FAT32 DirectX Version: DirectX 8.1 (4.08.01.0810)DX Setup Parameters: Not found DxDiag Version: 5.01.2600.0000 32bit Unicode------------DxDiag Notes------------ DirectX Files Tab: No problems found. Display Tab 1: No problems found. Sound Tab 1: No problems found. Music Tab: No problems found. Input Tab: No problems found. Network Tab: No problems found.------------------DirectX Components------------------ ddraw.dll: ... Read more

Answer:What Anti-virus/spyware/malware Shall I Use?

Hello, take alook here try afree AVFreeware Replacements For Common Commercial AppsInstall a firewall,2 Spyware removers also.Example AVira, (AV)Comodo (Firewall)SpywareBlaster and SuperAntisyware (Antispyware)

5 more replies
Relevance 99.63%

I use windows xp.

Can someone please recommend an anti-virus program that will also remove any spyware, or malware.

There's so many products out there, that for someone like me, I just don't know what to get. I don't expect free, but I can't pay an arm and a leg either.

Thanks so much,
Judy

Answer:Anti-virus,malware,spyware help Please.

No product will protect you from all infections and none can remove everything out there. Many free products work just as well as the paid options but nothing will protect you 100%. You, the end user, are the best defense.

The best method for protecting a system is to start with secure the system and being knowledgeable about online safety.

Running Windows with a limited user account, keeping ALL software updated and removing any software that is not used can help to reduce the chance of infections.

More information can be found here:
PC Safety and Security - What Do I Need?

Here's one independent study on the effectiveness of AV products running on Windows XP:
AV-TEST - The Independent IT-Security Institute: Jul/Aug 2012

3 more replies
Relevance 99.63%

Hello,

Firstly thank you for your help - I really do appreciate it.

My HpCompaq laptop is infected with a virus that is blocking multiple anti-spyware software, Vista updates, and even my Kaspersky anti-virus.

1) The virus does not allow me to access websites to download anti-spyware nor access the windows update site.

2) I have downloaded the following programs on another computer, burned on CD and run on my laptop:
- Malwarebytes Anti-Malware - Installed but does not run
- Spybot - Cannot install as access to the website is blocked during installation
- AVG Anti-Virus trial version - Cannot install due to 0x8007013d - Action failed for file avgmfx86.sys

3) I have managed to run CCleaner and clear out all the temp internet files

4) The HiJack This log reads:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:35:59, on 14/09/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16851)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\PDF Complete\pdfsty.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files... Read more

More replies
Relevance 99.63%

Help: I am unable to run avg or any online anti virus programs and unable to download any spyware programs. Unable to do so in safe mode as well. Can anyone offer any suggestions?

Sandy
 

More replies
Relevance 99.63%

what is best free anti-spyware, anti-virus software for Windows 8?

More replies
Relevance 99.63%

I have Windows Defender right now, I don't know if it's good or not though. I did a Panda activescan online and it came with 40 different spyware infected files and one virus I think, but when I ran a full scan on Windows defender it found nothing. Basically I want to get rid of defender and find a good anti-virus and anti-spyware program that's free. It can be an online scan but preferrably works from the computer.

Any takers?
 

Answer:Need a good anti-virus & anti-spyware, etc program that's free.

11 more replies
Relevance 99.63%

Microsoft's Anti-Spyware program is causing troubles for people who also use Symantec's Norton Anti-Virus software; apparently, a recent update to Microsoft's anti-spyware application flags Norton as a password-stealing program and prompts users to remove it.

According to several different support threads over at Microsoft's user groups forum, the latest definitions file from Microsoft "(version 5805, 5807) detects Symantec Antivirus files as PWS.Bancos.A (Password Stealer)."

When Microsoft Anti-Spyware users remove the flagged Norton file as prompted, Symantec's product gets corrupted and no longer protects the user's machine. The Norton user then has to go through the Windows registry and delete multiple entries (registry editing is always a dicey affair that can quickly hose a system if the user doesn't know what he or she is doing) so that the program can be completely removed and re-installed.

I put in calls to Microsoft and to Symantec on this issue, but am still waiting to hear back from both companies.

Microsoft said it is shipping updates that fix this problem, but judging from the growing number of other threads on this in that forum, this is shaping up to be a pretty big issue for companies that have deployed Microsoft's free anti-spyware product inside their networks. It's a good idea to keep in mind that Microsoft's Anti-Spyware product is in beta mode: The company's product page explicitly says that Microsoft Anti-Spyware should not be dep... Read more

More replies
Relevance 99.63%

I need some help with recent problems I've been having with my PC. There're pop-ups that keep coming back, and I don't know how to remove it. I've tried scanning with Ad-aware 2007, and I even used my CA anti-spyware and anti-virus but to no avail. So I tried manually removing it. I searched my PC for suspicious files. So I tried removing a bunch of files that may be malicious software like winctl.exe, and boat32. I found the instructions on removing them in this forums after searching for it in google. So I did that, but the pop-ups keep coming back. I tried using hijackthis, but I'm not sure which files to delete. I've tried fixing some files that I think are harmful, but it doesn't seem to help. Can you show me what to fix in my hijackthis log? The pop-ups are an advertisement on CiD something.

Oh, and I don't know why, but I when I check my task manager it says I have 2 iexplore.exe running when I don't coz I usually use firefox. When I end the processes they just come back. Can you help me? Thanks.

HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:59:55 PM, on 9/17/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Lavas... Read more

Answer:Solved: Need help, pop-ups, Ad-aware, and CA anti virus/anti-spyware can't remove it.

16 more replies
Relevance 99.63%

Microsoft Anti-Spyware Removes Norton Anti-Virus Posted by Zonk on Saturday February 11, @06:32PMAn anonymous reader writes "According to a story over at Washingtonpost.com, the latest definitions file for Microsoft's Anti-Spyware beta flags Symantec's Norton Antivirus products as a password-stealing trojan and prompts users to delete portions of the program. Users who follow the instructions hose their installation of Norton, requiring delicate Windows registry edits and a complete removal/reinstall of Norton. http://it.slashdot.org/it/06/02/11/2259232.shtmlMicrosoft Anti-Spyware Deleting Norton Anti-VirusBy Brian Krebs | February 11, 2006; 01:42 PM ETMicrosoft's Anti-Spyware program is causing troubles for people who also use Symantec's Norton Anti-Virus software; apparently, a recent update to Microsoft's anti-spyware application flags Norton as a password-stealing program and prompts users to remove it.According to several different support threads over at Microsoft's user groups forum, the latest definitions file from Microsoft "(version 5805, 5807) detects Symantec Antivirus files as PWS.Bancos.A (Password Stealer)".http://blog.washingtonpost.com/securityfix...deleting_1.htmlEdit to include note from Oldfrog at CCSP: This refers to the Enterprise version of NAV and not the home version.

Answer:Microsoft Anti-spyware Deleting Norton Anti-virus

Microsoft AntiSpyware Definitions Update #5807 corrected this false-positive.http://forums.subratam.org/index.php?showt...view=getnewpost

1 more replies
Relevance 99.63%

That's pretty much my problem. I don't know any details that could help. I tried installing Spybot to scan for the problem but I couldn't install it because my computer couldn't connect to the website and I can't move on with the installation. I'm about to scan with Avast but I doubt it will help. I know I didn't say much substance but hope it helps. Here's the HJT log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:54:49, on 26/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.e... Read more

More replies
Relevance 99.63%

http://www.bleepingcomputer.com/forums/t/43934/microsoft-anti-spyware-deleting-norton-anti-virus/

More replies
Relevance 99.63%

Hi there, could anyone tell me if there is a free anti virus, anti spyware and firewall for UBUNTU 8.04 i386.

Thanks for any replies.
 

Answer:Free anti virus, Firewall/anti spyware for UBUNTU

6 more replies
Relevance 99.63%

I use avast! anti-virus... and have for a long time. I've been using SuperAntiSpyware for several months (as well as other antispyware programs), too, and they've always co-existed together with no problems.

Suddenly last night, avast! alerted me that SuperAntiSpyware "contains a sample of a Win:32 Trojan".

I'm no expert but I'm thinking this is unlikely, so I have told avast! to ignore SuperAntiSpyware, and NOT scan that SuperAntiSpyware.exe file.

Is this foolish?

Should I allow avast! to move the offending file to quarantine?
Or should I uninstall SuperAntiSpyware first (since quarantining the exe file will certainly render it useless anyway)?
Or can I continue to ignore the warning altogether??

Any expert advice would be greatly appreciated!

Thanks in advance,

~Julie~
Additionally:

I connect to the 'net (and a home network!) wirelessly.
My computer spec's are in the profile.
 

Answer:Solved: Anti-Virus Suddenly Alerts Me to Anti-Spyware... ?

8 more replies
Relevance 99.63%

http://blog.washingtonpost.com/securityfix...deleting_1.htmlBy Brian Krebs "Microsoft's Anti-Spyware program is causing troubles for people who also use Symantec's Norton Anti-Virus software; apparently, a recent update to Microsoft's anti-spyware application flags Norton as a password-stealing program and prompts users to remove it. According to several different support threads over at Microsoft's user groups forum, the latest definitions file from Microsoft "(version 5805, 5807) detects Symantec Antivirus files as PWS.Bancos.A (Password Stealer)."When Microsoft Anti-Spyware users remove the flagged Norton file as prompted, Symantec's product gets corrupted and no longer protects the user's machine. The Norton user then has to go through the Windows registry and delete multiple entries (registry editing is always a dicey affair that can quickly hose a system if the user doesn't know what he or she is doing) so that the program can be completely removed and re-installed." David(Moderator edit: By-line and quotation marks inserted,content reduced to comply with fair use. jgweed)

Answer:Microsoft Anti-spyware Deleting Norton Anti-virus

It wanted to del my Norton IS all2gether. No way billy boy i want control over my own box. c asyset.com pup

2 more replies
Relevance 99.63%

I ran AVG anti spyware and Trend Micro AntiVirus and then f-secure. after cleaning up some viruses and trojans i still am getting pop-ups while browsing the internet.

log file:
Logfile of HijackThis v1.99.1
Scan saved at 2:45:02 PM, on 10/21/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe
C:\Documents and Settings\Heather Beamish\Application Data\WinTouch\WinTouch.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\Heather Beamish\Desktop\notepad.exe

R0 - HKCU\Software\Microsoft\Internet Expl... Read more

Answer:Solved: Still Recieving pop-ups after running Anti-Virus and Anti-Spyware

6 more replies
Relevance 99.63%

i need to ask what websites do contain the most indepth , frequntliy updated and nonbiased comparsion of antivirus and antispyware programs?
 

Answer:anti-virus and anti-spyware software comparison sites?

Hi

Yes try this one http://www.av-comparatives.org/
 

1 more replies
Relevance 99.63%

I only know of three Linux based anti-virus solutions and no anti-spyware. Perhaps people can add to this list:

1) F-prot = www.f-prot.com (100% free scanner for home users)
2) AVP = www.avp.com (trial scanner)
3) ClamAV

The great thing about these kinds of programs is that when you utilize them with Knoppix (runs linux 100% from a CD without touching the HD meanwhile giving you read-only access that can be easily made read/write if you wish), you've got a perfect rescue platform. No stealthy viruses can hide themselves (cause they won't be running) and ditto to spyware). This CD is also nifty if you suspect your system has been broken into and you want to check for rootkits, etc.

Knoppix = http://www.knoppix.net/
Knoppix Hacks (book) = http://search.barnesandnoble.com/boo...96007876&itm=1 (this covers things like virus scanning, data recovery and more).

Answer:Linux based anti-spyware/anti-virus solutions?

Sorry bout the AVP link. I realized it links to a sports page. Use kaspersky.com instead

2 more replies
Relevance 99.63%

Hello. =)

I'd like to know if there's an anti-virus/anti-spyware that, if my computer accidentally gets cut off, will resume where it left off? So, if the scan was 20% complete, and the computer turns off, once the computer is restarted it'll resume at 20%.

More Information
My computer, for some odd reason, keeps randomly turning off -- especially at night (usually after midnight). I've tried removing dust from the vents, wiping the vents with a little rubbing alcohol and a dry cloth, and using a fan to blow into the vents (in case it's getting too hot inside the hard drive). Nothing works.

A friend of mine told me to run an anti-trojan program; unfortunately, that didn't work. I've also run anti-virus scans (with AVG Free Edition) and anti-spyware scans (with LavaSoft, Anniversary Edition), and those didn't work either. The last time AVG & LavaSoft did a full scan was early this year (maybe January or February). But now, when I try running full scans, the computer ALWAYS cuts off.

Usually when I turn the computer back on, it gets frozen at the blue "HP/Intel" screen (Screen 1 of 4). Sometimes it'll go straight to the black "boot screen" (Screen 2 of 4; i.e., the screen where you can choose to use the Home Recovery Console, or go straight into Windows XP)...but then it (usually) immediately cut off. [*]

[*] = When my computer boots up, I always see four different screens before it reaches my desktop: a bl... Read more

Answer:Is there anti-virus/anti-spyware that resumes if computer turns off?

Hello

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

---------------------------------------------------------------------------------------------

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

1 more replies
Relevance 99.63%

Sometime back I came across a list of recommended free Firewalls, Anti-Virus and Anti Spyware Programs in one of the BC forums, but I do not remember where I found it.  Would someone point me in the right direction? 
 
Thank you, I appreciate it.

Answer:List of Firewalls, Anti-Virus and Anti Spyware Programs

Greetings,
 
If this is what you're talking about...
 
Antivirus, Antimalware, And Antispyware Resources
 
Hope this helps!!!

5 more replies
Relevance 99.63%

Hey,

How can I create a script that runs many different Anit-Virus, Anti-Spyware and many more one after another automatically?

Thanks
deanpcmad

Answer:Script To Run Anti-virus Anti-spyware, Etc Scans Automatically On After Another

I for one see a problem with 'automating' your malware tools, with a script. I don't allow any antimalware app to take action without prompting me for confirmation. That way I know what is coming up as malware. With a script you are trusting that it will make the right selection of actions without confirmation. The possibility is there to delete a perfectly legitimate file in error. Then you have to guess which application removed your legitimate file. Then you need to hope it can be 'restored'. In my opinion there is just too much trust and risk given to a script if it can even be done.

5 more replies
Relevance 99.63%

Hi,

I have just spent two nights removing the "Fake System Restore" virus from my girlfriends laptop
by following the guide on this site, so a big thankyou to whoever wrote the guide.

Now I want to make sure her laptop is protected as well as I can with free software.

I have installed; AVAST anti virus, Zone Alarm firewall and MalwareBytes onto the laptop,
but I now wonder if there are any other reccomended programs that I should install
to help avoid spyware, malware and viruses?

Thanks in advance,

Mark

Answer:Which are the best Anti Spyware and Anti Malware programs?

I recommend taking advantage of the Malwarebytes Anti-Malware (Pro) Protection Module in the full version which uses advanced heuristic scanning technology to monitor your system and provide real-time protection to prevent the installation of most new malware. This technology runs at startup where it monitors every process and helps stop malicious processes before they can infect your computer. Keep in mind that this feature does not guarantee something will not slip through as no product can detect and prevent every type of malware. The database that defines the heuristics is updated as often as there is something to add to it. Also keep in mind that Malwarebytes does not act as a real-time protection scanner for every file like an anti-virus program so it is intended to be a supplement, not a substitute. IP Protection (malicious website blocking) is part of the Protection Module and works after it is enabled. When attempting to go to a potential malicious website, Malwarebytes will block the attempt and provide an alert. IP Protection is also designed to block incoming connections it determines to be malicious. Enabling the Protection Module feature feature requires registration and purchase of a license key that includes free lifetime upgrades and support. After activation, Malwarebytes can be set to update itself and schedule scans automatically on a daily basis. The Protection Module is not intrusive as the program utilizes few system resources and should not conflict wi... Read more

5 more replies
Relevance 99.63%

just clean installed windows 7, looking for just a couple anti- things to keep EVERYTHING clean, dont mind paying
already have Avast! so an anti-vvirus program isnt needed, thanks for the help guys

Answer:best anti-malware anti-spyware-antieverything?

I highly recommend this.
I have both of my computer using the Professional version but they do have a trial version to see if you like it.

Malwarebytes : Malwarebytes Anti-Malware PRO removes malware including viruses, spyware, worms and trojans, plus it protects your computer

Every thing I have seen lets me think it works well with Avast. Both active at the same time.

9 more replies
Relevance 99.63%

Hello everyone!

My McAfee subscription through Dell runs out on Sunday May 23, 2010. I would like to know what are the best Free Anti-Malware, Anti-Spyware, and Firewalls out there. I looked at the list that is on here, but could not figure out which one is better for my situation.

I currently have as Anti-Malware and Anti-Spyware : a-Squared free, Spybot S&D free, MBAM free, and SUPERAntiSpyware free. I have Windows Defender and Firewall turned off because of interfering with McAfee.

I currently do not have the money to renew my subcription with McAfee, nor do I have the money to buy a paid full service security program with firewall.

My question is what do you recommend I should do and what programs are best for my situation?
PS: I was thinking of Microsoft Security Essentials, for 2 reasons: 1) It's Free and 2) my computer already has a lot of Microsoft programs on it. Has anyone had any experience with this program?

Answer:which are the Best Free Anti-Malware and Anti-Spyware

Groffeaston,

I installed MSE on my sisters W7 computer and she thinks it is great did that about 2 months ago when it was new. If you use MSE it wlii turn off Windows Defender because it includes it own spyware component. Use the Windows firewall with it cause from what I have read on MS sites it doesn't play well with third party firewalls. When you go to uninstall the McAfee makes sure to use there removal tool to get as many traces as possible otherwise you may have a problem installing MSE.

Good Luck Mr. Phelps this message will self destruct in 5 seconds!

Dan

12 more replies
Relevance 99.63%

I have Avira Antivir Free addition. I was wondering do I also need an anti malware protection? Which would be a good and cheap anti malware?

Answer:Anti Malware, Anti Spyware Software

Well, I do not run any anti-spyware/malware protection in real time but I do scan with it often. All the products I use to do this are free and easy. My favorite ones are SuperAntiSpyware, Malwarebytes and Spybot Search and Destroy. Since getting the first two, I rarely use Spybot for scanning as it is much slower than the others and I feel the others do a better job.

However, I like Spybot because it has an immunize feature for immunizing you system against known bad threats and also has a feature called SD Helper which is bad site blocker, anyways I think that is the name of the feature that does that. Also it can help you control what programs are allowed to start on bootup. Do not use that last feature unless you are an advanced computer user and know the difference between what does and doesn't need to start up when the system does. For most items, Spybot will give its recommendation on keeping that program running if you open the side panel and click on the item. Good rule of thumb on that one is, if it is a Windows program, leave it running, if it is for a program you just installed, you can decide if you want it to run or not when the system starts up. Other than the windows programs, the only things I allow to run on start up are my keyboard (as I use its customized features) and my anitvirus/firewall program.

11 more replies
Relevance 99.63%

Hi all!I honestly want to know which anti-malware/anti-spyware software to use. I know that there are so many anti-malware/anti-spyware software. One of my friends suggested me that Spybot is a good one but then, another friend told me that it is not. So, please, all suggestions are welcome. I need some advice for it! Thanks!

Answer:Question about Anti-Malware/Anti-Spyware

I think the best Freebie is Superantispyware.click here=

10 more replies
Relevance 98.4%

Hello,

I have Vista and I need a free anti-virus / anti-spyware removal tool/program. What is the best free one out there? I used to have Norton but it used too much memory and I didn't want to pay for subscriptions and updates.

Thank you for your time,

Joey

ps: is the stuff that comes with Windows (eg: windows defender) sufficient to deal with viruses?
 

Answer:Free Anti-virus / anti-spyware Program?

8 more replies
Relevance 98.4%

I recently read somewhere that is a good idea to have more than one anti-spyware program on your computer! Is this true?I'm about to purchase a new (and fairly expensive) PC and want to be extra sure i'm covered.Also is there any point in having more than one anti-virus or fire wall program installed? I was going to buy Bit defender 9 internet security package, after it got a great review in PC Advisor and a couple other online sites(it includes anti-virus, firewall, anti-spam and anti-spyware etc) is this sufficient to cover all areas? does it cover adware? does adware come under the "spam" or "spyware" catagory?lots of questions i know but any help would be appreciated!!!

Answer:multiple anti-virus/anti-spyware software?

This has been asked a lot, you can only have one software firewall, you can have as many antivirus programs and antispyware programs as you like BUT and this is important only one must be working at a time, if you install 2 anti virus programs and they are both working then they will conflict and either the computer will crash or lock up or viruses will get through. Better to have one of each and at least 2 for Spyware. The free ones are good enough theres no need to pay.I use AVG anti virus and Zone Alarm Firewall and Adaware and Counterspy for the spyware, all of them free except Counterspy but its only about 10 a year.

2 more replies
Relevance 98.4%

My computer is working fine with one major exception - it wont allow me to run any anti spyware or antivirus. I try to run Adaware and the the program is instantly closed. I try to access a website relating to virus scanning/protection, and it closes. Pandasoft is the only thing that's worked, and that must be because its online. Here is the report it kicked out - (I installed 007spy on my own computer to better understand it).

Incident Status Location

Potentially unwanted tool:Application/007Spy Not disinfected C:\Program Files\Common Files\Microsoft Shared\DAO\svchost.exe
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\sophiel\Application Data\Mozilla\Firefox\Profiles\gud8dfes.default\cookies.txt[ad.yieldmanager.com/] ... Read more

Answer:Help! I cant use anti spyware, or visit anti virus sites.

For the moment I can only see one Trojan to come out..


Please download Combofix from HERE or HERE

Save ComboFix to the desktop.


Please copy this page to *Notepad* and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.

It's IMPORTANT to carry out the instructions in the sequence listed below.


1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.


Open *notepad* and copy/paste the text in the quotebox below into it:



Quote:





KillAll::

File::
C:\Program Files\Common Files\Microsoft Shared\DAO\svchost.exe








Save this as CFScript.txt, in the same location as ComboFix.exe which is on the Desktop.




Refering to the picture above, drag CFScript.txt into ComboFix.exe

Restart your computer.

When finished, it shall produce a log for you at C:\ComboFix.txt

Please copy and paste the ComboFix.txt along with a fresh HijackThis log in your next reply please.


*Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall*

4 more replies
Relevance 98.4%

^^topic

Is Norton Internet security a good program b/c I am looking for a good program that likes 2 firewalls
 

Answer:good anti-spyware and anti-virus software

Can't comment on NIS, but alot of people around here speak very highly of NOD32, and as a free alternative, you might want to look at AVG Free.
 

18 more replies
Relevance 98.4%

Greetings:I just had my computer formated again. The technician/friend who did the work told me that I needed a good anti-virus, firewall and anti-spyware program. I told him that I previously had AVAST! (which was recommended on this Forum and which I liked immensely) but when he checked the AVAST! website, he pointed out to me that the free version only gives anti-virus protection but no firewall or anti-spyware protection. He especially feels that the firewall is essential security. Well, does anyone know where I can download for free a program that gives excellent anti-virus, firewall and anti-spyware protection? BTW, I welcome your comments on what technician/friend said. Do you agree or disagree with what he said? Thank you in advance for any advice given.

Answer:Best, free anti-virus, firewall & anti-spyware????

Is this a different question to the one answered in this thread of yours?click here

10 more replies
Relevance 98.4%

Hi,
I'm not too PC-literate, but the way I see it,my Win XP Home has its own firewall, and my free AVG 9 is anti-virus/anti-spyware, so I'm fully covered aren't I, or do I really need to install extra programs?

Answer:so I need another firewall and anti-virus/anti spyware progs?

No malware program is 100% effective.That's why it's a good idea to go with a layered protection strategy.In addition to your AVG anti-virus, it's a good idea to occasionally run 1, or 2, online scans.Don't install a second Anti-virus, as this could potentially cause problems, which may render both programs ineffective.Check out Post #1, of our Freeware Replacements For Common Commercial Apps topic, for a list of some of the available online scanners.As far as malware is concerned, installing Malwarebytes' (mbam), and/or SUPERAntiSpyware, and running them as on-demand scanners, should pretty well cover your bases.As stated above, no program is 100% effective, and shouldn't be a substitution for safe surfing habits.

4 more replies
Relevance 98.4%

So, tomorrow I'm going to purchase some anti-virus and anti-spyware software for a computer I'm working on. It's got Ad-Aware 2007, Spybot S&D 1.5.2, and AVG 8 (free edition) installed already but the computer owner is just NOT running scans like I recommend.

So, I'm going to buy some software with the hope I can schedule scans and have greater flexibility in how the software operates.

I would prefer getting an app that covers BOTH virus and spyware protection, so I'm sort of leaning toward a commercial version of AVG 8 but I wanted to start this thread to get your feedback.

This is for a Windows XP Home Edition w/ SP2 machine.

Any recommendations?

Peace...
 

Answer:Anti-virus and anti-spyware application recommendation

Security Suite:Zone Alarm Security Suite as a all in one soluation (With kaspersky antivirus

Antivirus:
ESET Nod 32
Kaspersky antivirus

AntiSpyware:
Spysweeper
SUPERantispyware
Malwarebytes Anti Malware (A mix of Antivirus, Anitspwyare and Ad-Aware)
Counterspy
 

3 more replies
Relevance 98.4%

I have had a few problems with this. I will be on a completely harmless website, such as Youtube and suddenly Java 6 will start loading and then a fake anti-virus or a fake anti-spyware program will open up and I can't open any programs and it will tell me I have hundreds of viruses and that I have to buy their program, or some will even pretend to be from Windows Vista. What free progams can I use that will stop these from attacking me? I have Malwarebytes, AVG, and Spybot: S&D. What causes these? I don't even go on bad websites and I get these.

Answer:Fake anti-virus/anti-spyware attacks. Please help!

Hello, and welcome to Computer Hope Forums!I'm Crush but, you can call me Chris too and I will be helping you with your Malware issuesPlease note the following information about the malware forum:Only members of the Malware Removal Specialist user group are allowed to give advice on removing malware from your computer. Do not follow the advice of anyone without that user title.From this point on, please do not make any more changes to your computer; such as install/uninstall programs, use special fix tools, delete files, edit the registry, etc. - unless advised by the staff I noted above. Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.If you have already asked for help somewhere, please post the link to the topic you were helped.We try our best to reply quickly, but for any reason we do not reply in two days, do this:Reply to this topic with the word BUMP.Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close, and your computer is declared clean.Now that we have that out of the way:Download OTL  to your DesktopDouble click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.Under the Custom Scan box paste this inCode: [Select]netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.exe
%systemroo... Read more

1 more replies
Relevance 98.4%

Hi, I'm after a free download of anti-virus and an anti spyware software. There seems to be a lot of programs that identify spyware and virus' but not many that remove them aswell (without having to pay for the full version). It's for a computer that I use very occassionally on dialup so I'm reluntant to pay out for these programmes if there are freeware versions avialable. Can you recommend anything?

Answer:Free Anti-virus and Anti-spyware downloads

AvG [URL=click here][IMG]click here[/IMG][/URL]a click hereAd-aware click hereSpybot click hereAntiSpyware click hereSpywareBlaster click here

10 more replies
Relevance 98.4%

I do a fair amount of computer support work where I disinfect Windows machines infected with various viruses or spyware/malware. I do the usual stuff like installing and updating anti-virus (AVG) and anti-spyware (Ad-Aware, SPybot, AVG, etc) apps, scanning the system in safe mode, and so on.

I'm wanting to setup a Windows machine dedicated to scanning hard drives for viruses, spyware, and malware. The idea would be to have this machine setup with good anti-virus and anti-spyware apps and I would use external USB hard drive enclosures to hold infected hard drives and scan them on my "clean machine". I've already got 2.5" and 3.5" external USB HDD enclosures and I've already scanned a few hard drives using them connected to a "clean" XP machine I have.

Ok, that's the background on to the questions:

How good are anti-virus and anti-spyware apps at scanning hard drives connected via USB HDD enclosures? During the scans I've done this way, a number of items have been found but there always seems to be something left behind when I boot from the scanned HDD.
How thoroughly can the Windows registry on the HDD being scanned be scanned and cleaned on an externally connected HDD?
Is scanning a HDD through an external USB enclosure any better/safer than scanning in safe mode?
Are there any anti-virus or anti-spyware apps that do a particularly better job at scanning the filesystem than others?
Thanks!

Peace...
 

Answer:Question about anti-virus and anti-spyware apps

Ok I see a little the problem.

You know each company and each anti-virus program or even version have a different type of operation while scanning. As example if you take McAfee they change there engine for each version and software whereas a Norton its practically the same.

Now to see the problem for you it depend what software you're using. Or I would ask you to use different type of antivirus(not at the same time uninstall and install the new one) and check if they do the same errors. And also another problem depends on your PC RAM available(remaining) if you RAM is very low and that you're using some programs at the same time the files for those program may not be well scan due they are already in use and can't be access sometimes.

Now try to close those program and when making a scan open on the anti-virus software and also try to use different anti-virus program and they have different engine. Me I prefer to use McAfee Total Protection for me its the best try it and let me know if you have other problem.
 

2 more replies
Relevance 98.4%

Any recommendations for free security software?

Answer:Free Anti-virus, Spyware, Malware

Hello Here are some Anti Virus recommendations.Avira AntiVir or Avast Home EditionPlease note its is best to only run one anti virus programI recommend Comodo Free Firewall as your firewall. Its much lighter on you system than ZoneAlarm.And here are a few Anti Spyware utilitiesSpybot Search & Destroy - Uber powerful tool which can search and annhilate nasties that make it onto your system. Now with an Immunize section that will help prevent future infections.SpywareBlaster - Great prevention tool to keep nasties from installing on your system.SpywareGuard - Works as a Spyware "Shield" to protect your computer from getting malware in the first place.IE-SpyAd - puts over 5000 sites in your restricted zone so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all.Head over to the Freeware replacements For Common Commerical Apps topic for more

20 more replies
Relevance 98.4%

Hi,
I'm getting a new pc. My old one was plagued by viruses despite my constant attempts to rid them from my system and my antivirus software. So I'm looking to get the best software out there that is available so I don't have to deal with this stupid problem again.
I will have Vista home premium 64 bit. I will be using to computer for online gaming and also see the youtube videos and the explainer video, p2p, internet use ect. My Internet service provider supplies a free Mcafee version (they claim it is $120 value) but I'm not sure exactly all that it offers.
So what is the best anti-virus and anti-spyware software available? I'm not too concerned about the price, as far as I'm concerned almost any price will be worth not having to deal with constant trojans and viruses plaguing my rig. Should I go with what Comcast is offering for free or is there better stuff out there?
Thanks

Answer:What is the best anti-virus/malware/spyware software?

a new pc [with] Vista home premium 64 bit ???
My understanding is that extended support for Vista ended in April of this year... I can't picture any new Vista machines being available.   Assuming you can actually find one, keep in mind that Vista's "security" doesn't compare to current standards (i.e., what you'd get with Win10)... so if your primary concern is keeping your system secure and virus-free, I don't see Vista (if still available) as the answer.
As for the question of "best" antivirus, there's no real answer to that question.   Some people insist that paid programs are better than free ones ("you get what you pay for"), while others sincerely believe that several of the free programs do a great job.Personally, I use avast (free) or panda (free) on my various systems, and have not had a virus problem with either.   But I also am very careful how/where I surf, and have several "layers" of supplemental protection, as indicated in my signature.

2 more replies
Relevance 98.4%

Any have any recommendations as far as antivirus, malware, spyware ect tools go, im currently using -

ComboFix
MalwareBytes
S&D
CC Cleaner
Avast

These are mainly used to do virus removals on client systems. I love the fuctionality of Combofix anyone know of anymore Anti-Malicious software like that?

Answer:Anti-Virus,Malware,Spyware Ect. Software?

i use ms security essentials and do not run as a admin user.

also, i run the newest FF with adblock plus ext; very nice.

i've read that kaspersky has the most detections but also the most false positives. this may have been a year ago.

avira is supposed to be pretty good too.

someone else on these forums mentioned soluto recently. ive yet to try it.

edit - i use peer block, too

7 more replies
Relevance 98.4%

my computer was recently infected with something that makes this statement pop up every time someone logs on to the computer: the procedure entry point _ [email protected]@z could not be located in the dynamic link library msvcrt.dll. And in my attempts to get rid of it, i came across soft safeness, which i then realized was another infection. i cant get rid of either, and one of these infections stops any program that may help from running. Nothing seems to work, nothing opens, and i cant get rid of the infections

More replies
Relevance 98.4%

It seems my buddy's computer has some sort of Malware/Virus and has asked me for help.

3 screens appear on reboot.
Windows Security Center (lookalike)
-only has XP Anti-Spyware 2011 and Internet Options icons at the bottom
XP Anti-Spyware 2011 - Unregistered Version
-fake Infected listing
XP Anti-Spyware 2011 - Unregistered Version
-Attention Danger, blah blah

XP Home SP3
Can NOT turn on XP Firewall
Can NOT run Internet Explorer v8

Defogger - would NOT run, just does nothing when I try.
DDS - does run, logs created
Gmer - would NOT run, just does nothing when I try.

Booted into safe mode

Defogger - DID run, selected Disable
DDS - does run, logs created
Gmer - DID run, made sure options were correct, clicked Scan
-could not save log file as Safe Mode booted up into 640x480 video mode
-and save button was off the screen with no scroll bars to navigate to it
-No way to navigate to the Save button via mouse our keystrokes

Rebooted back to Normal mode

DDS - ran it again (attached Log files)
Gmer - still didn't run

Posted this information here

DDS.log:
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Owner at 19:37:15.00 on Thu 04/14/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1527.1122 [GMT -7:00]
.
AV: ZoneAlarm Security Suite Antivirus *Enabled/Outdated* {5D467B10-818C-4CAB-9FF7-6893B5B8F3CF}
FW: ZoneAlarm Security Suite Firewall *Enabled*
.
============== Running Processes ===============
.
C:\WIN... Read more

Answer:XP Anti-Spyware 2011 Malware/virus

Hello and welcome to the forums!My secret agent name on the forums is SweetTech (you can call me ST for short), it's a pleasure to meet you. I am very sorry for the delay in responding, but as you can see we are at the moment being flooded with logs which, when paired with the never-ending shortage of helpers, resulted in the delayed responding to your thread.I would be glad to take a look at your log and help you with solving any malware problems.If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed. If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
Do not do things I do not ask for, such as running a spyware scan on your computer. The one thing that you should always do, is... Read more

4 more replies
Relevance 97.99%

Survey: What Anti-Virus, Anti-Malware, Web-Protection, Fully-Featured Suite would you consider to be the best when assessing it from a price per "quality/quantity of features" perspective?

(Consider that the user will be using it for a Windows 10 laptop and desktop, & a Windows 7 desktop -- more Win 7 and 10 systems if possible!)

More replies
Relevance 97.99%

Running Windows XP, Home Edition, Version 2002, Service Pack 3, MSI Motherboard, 512MB Ram, Pentium 4 - 2.4GHz CPU.I used to have Spybot, but after some point whenever I tried to run it the computer would reset. Now, I've gotten a few messages from Windows Defender that there is a trojan on the computer. I can run a quick scan and remove what shows up, but when I try to run a full scan, the computer resets. I try to scan the computer with McAfee anti-virus, I can run a quick scan no problems, but when I try to run a full scan, the computer resets. I know there is at least 1 trojan/virus, but any program I try to run to get rid of the problem makes the computer reset. The latest software I installed is a-squared, and I can do a quick scan and find/fix a few problems, but when I do a full scan (in safe mode as administrator) a message pops up saying that the computer is going to shut down, NT AUTHORITY/SYSTEM.Please help before I tear out what's left of my hair.Pasted and attached.DDS.txt============DDS (Ver_09-01-07.01) - NTFSx86 NETWORK Run by Administrator at 22:34:33.51 on Fri 01/16/2009Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_11Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.175 [GMT -5:00]============== Running Processes ===============C:\WINXP\system32\svchost -k DcomLaunchsvchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINXP\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:�... Read more

Answer:Multiple Trojans, PC resets when full-scan anti-virus or anti-malware is run

Hello AdamLinn13Welcome to Bleeping Computer. =====================Please re-open Hijackthis and click on "Do a system scan only"Then place a check mark next to these entries below:R3 - Default URLSearchHook is missingO2 - BHO: CMVideoPlugin - {08DEA348-F510-45FD-A6EC-CF3BE0917C5E} - C:\WINXP\system32\CMVideo.dllO2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dllO4 - HKLM\..\Run: [Framework Windows] frmwrk32.exeO4 - HKLM\..\Run: [Rrokuwip] rundll32.exe "C:\WINXP\Gxizahopira.dll",eO4 - HKLM\..\Run: [Ngewok] rundll32.exe "C:\WINXP\exufijocifalut.dll",eO18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dllNow click on Fix Checked and then close Hijackthis.====================================================Download ComboFix from one of these locations:Link 1Link 2Link 3* IMPORTANT !!! Save ComboFix.exe to your DesktopDisable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

Double click on ComboFix.exe & follow the prompts.

As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine be... Read more

90 more replies
Relevance 97.99%

Are there any free, updated and/or recent Anti-Virus & Anti-Malware combos that could offer better protection than windows defender for windows 10?

Answer:Good Free Windows 10 Anti-Virus & Anti-Malware Combos

If you don't want to pay then I would recommend avast! Free Antivirus or Bitdefender Anti-virus Free Edition if you prefer not to use Windows 8/10 Defender.For more suggestions such as Sophos, Panda,and Avira see Choosing an Anti-Virus Program.Also see Supplementing your Anti-Virus Program with Anti-Malware Tools.

11 more replies
Relevance 97.99%

Good morning everyone,
Frequent visitor, first time poster of this forum. I want to thank anyone in advance for committing any amount of time to my problem. I'm hoping someone has some experience with this issue. Allow me to explain:

Yesterday, I woke-up my computer and opened up my browser (I use Google Chrome). As soon as I clicked to open the browser, I noticed a Windows Explorer Pop-up. I have attached a picture of what this box looks like, but to describe it for those who are not able to open the attachment: The windows header said "Mod Info" and the Content said "BC LOADED" the only available options for me to click were "OK" or the "Close" button at the top right. Without clicking anything the box then disappeared and Google Chrome opened as usual. This behavior was unexpected, I've never seen this before. Worrying I had some kind of Spyware or Malware, I decided to try running my AV program. I use Avast Free.

I went to look for the process in the hidden icons list on my taskbar, where it usually resides. I didn't see it there, which was concerning. I tried running the program from the start menu, but after clicking it, nothing opened. This was also a red flag that something must be wrong. So I decided to try and run Malwarebytes Anti-Malware. This program would also not open when prompted.

I decided to scan google for my symptoms to look for recommended fixes. Several tech support forums suggested to those who presented simil... Read more

More replies
Relevance 97.99%

My subscription for Macafee ran out and I never got around to downloading AVG or some other antivirus freeware on my netbook. I experienced some obvious signs of a virus/malware not long after (I would do a google search on Chrome and would get redirected to some very odd sites when I clicked on something safe-looking). So I attempted to download AVG and others with no luck. I then restored my system to an earlier date hoping this would be good enough to remove whatever virus/malware was affecting it. No such luck as I am still unable to download said freeware (although now I am able to surf the net with no issues). So, I happened across your lovely website and am crossing my fingers that you may be able to save the day!

Thanks so much for your time!

Here is the following info you request with each new post...
From Hijackthis:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:51:14 AM, on 11/9/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe... Read more

Answer:I cannot download anti-virus or anti-malware programs...(logs included)

I solved it.

Used ninite.com in safe mode to download AVG and Spybot. Rebooted. Ran both of them. Still couldn't download Malwarebytes. Ran online scanner from Microsoft. Rebooted. Was able to install Malwarebytes. Ran it. System is clean now.
 

1 more replies
Relevance 97.99%

11/25/2014 After viewing facebook videos all computer any normal split second minimal activity takes minutes.
Even in safe mode any activity in windows explorer is crippled.
Opening any folder Task Manager can take several minutes.
Internet access is unavailable, so I am submitting everything from non-infected Windows 8 machine.
All system restore points are gone.

Ran the who's who of malware utilities.
MalwareBytes, MalwareBytesAntiRootKit, RogueKiller, rkill, AdwCleaner, HitmanPro_64, tdsskiller
Full system scan with McAfee.
All of above scans are clean.
FRST_64 also ran to provide log files.
 

Answer:Infection undetected by malware anti-virus anti-rootkit software

A little more background:
I did not observe any obvious malicious or unexpected process entries in Task Manager.
dllhost.exe *32 appears intermittently when starting/stopping programs.
This is never more than a single instance, shows very little CPU or memory usage,
but does have path of C:\Windows\SysWOW64\dllhost.exe

AdwCleaner did identify and delete C:\ProgramData\apn

There was also something called Au_.exe leftover related to "DropBox" application.
I uninstalled "DropBox" and manually deleted Au_.exe file
 

15 more replies
Relevance 97.58%

As many of you know(quite a few don't) what EICAR is, this is a open poll to see what programs pick it up and what programs fail the basic tests.

I am conducting this poll because A-Squared failed to see this on a scan, but MSE picked it up before it could be downloaded.
So after you take the poll, Post what you used to test it with and results.

WIKI: http://en.wikipedia.org/wiki/EICAR_test_file
(links to test file) EICAR: http://www.eicar.org/anti_virus_test_file.htm

Answer:Test your anti-malware/anti-virus protection with EICAR

Microsoft Security Essentials caught and cleaned it as soom as I clicked on "save". Never had a chance.

9 more replies
Relevance 97.58%

I am planning on purchasing one eventually but just in the mean time to keep things safe any recommendations?
 
I've just cleaned up my computer of random "free anti-virus software" that was downloaded over a period of time, and my computer is finally free and I wanna keep it that way! hehe
 
Any help is much appreciated.
 
 
Thank you,
Justin

Answer:Best free anti-virus/anti-malware/protection for Windows XP 32-bit

There is no universal "one size fits all" solution that works for everyone and there is no single best anti-virus. Every vendor's virus lab and program scanning engine is different. Each has has its own strengths and weaknesses and they often use a mix of technologies to detect and remove malware. In many cases choosing an anti-virus is a matter of personal preference and what works best on a particular system. You may need to experiment and find the one most suitable for your needs. Please read:Choosing an Anti-Virus ProgramHere are links to some recent BC discussion topics with opinions from other members:Best anti-virus software for windows 8? 2015Looking for recommended anti-virus softwaresWhat is the best antivirus protection?What's the best premium security suite in the market currently?Recommend a good free antivirus programWhich antivirus and malware programs should I use together?Antivirus Solution?Here are links to polls about this very subject:Poll: Best Antivirus and FirewallPoll: Best Anti-Spyware/Anti-Malware/On-Demand Scanner

19 more replies
Relevance 97.58%

Hi and new to the forum . I currently have Norton Security, MBAM Pro, CCLeaner Professional, adwcleaner, and I did have Hitman Pro, for a while several years ago when my computer was hacked.
 
I have had Norton for several years, but I am thinking of switching to Emsisoft and use my Windows 7 Firewall. I use MBAM for live monitoring along with the Norton Security..The adwcleare software I use periodically, or if there is an issue the other programs don't handle. For example when out bound traffic was blocked by MBAM, but it was continously happening, the adwcleaner software found and eliminated the culprit. It was very useful also when my computer was hacked.  I also have the active monitoring turned off on CCleaner.
 
Would also adding Binisoft or Tinnywall add more security to the Windows 7 Firewall, or would it be better to just use the Windows Firewall by itself? I don't really want anything too complicated on the Firewall settings, but just maybe make a few teaks, possibly.  One other thing, would it be good to add WinPatrol Pro?
 
Sorry for a lot of questions, and thanks for any responses as I value your opinions.

More replies
Relevance 97.58%

While attempting to install counterspy on a friends computer I got the message that says the system administrator has set policies that prevent this installation.I also tried malwarebytes and it refused to install.I'm logged in as the administrator.I also attempted to do a scan with AVG and it disabled itself.I tried an online scan at Trend Micro but I could not reach the website.The browser redirected me to some strange search engine.How should I go about stomping this thing out.

Answer:unable to install or run anti-virus anti-malware programs

Hi Defraggerman I suggest you post a HijackThis log for examination.A member of the HijackThis Team will walk you through, step by step, how to disinfect your computer.Read the Preparation Guide before posting a HijackThis Log.Please read, and follow, all directions carefullyRun a log, and post it in the HijackThis Logs and Analysis forum.Do not, post it in this topic.Do not, fix anything, yet.A member, of the HJT Team, will help you out.It may take a while to get a response from the HJT Team, because they are very busy. Please, be patient, as these people are volunteers. They will help you, as soon as possible.NOTE:Once you have made the post, please, DO NOT make another post in the HJT forum, until it has been responded to by a member of the HJT Team. The first thing they look for, when looking for logs to reply to, is 0 replies. If you make another post, there will be 1 reply. The team member, glancing over the replies, might assume someone is already helping you out, and will not respond. So, just make your post, and let it sit there, until a team member responds. This way you will be taken care of, in the most timely manner.

1 more replies
Relevance 97.58%

What is everyones preference for business/corporate deployed anti-virus/anti-malware? I've used the following products, all the most recent versions available of the corporate/business/enteprise product: Symantec, Trend, McAfee, ESET NOD32. I've alo used Sophos, but that was about 3 years ago. Also used Webroot Spysweeper in terms of a dedicated anti-malware product.

A few that I'm interested in knowing some more about are Kaspersky and VIPRE Enterprise. Anyone have experience with them in the centrally controlled corporate environment?

I want to learn more about Kaspersky especially as their engines are used in a lot of products which take multi-engine approach, and their windows client has the basic stuff (anti-virus/anti-malware/e-mail protection) plus some things that are not in cetain other clients (desktop firewall, and web protection).

Also looking for other recommendations.
 

Answer:Business/Corporate/Enterprise anti-virus/anti-malware

Sophos user
 

37 more replies
Relevance 97.58%

Hi I'm reinstalling my operating system and starting everything over on my laptop, and need some good free sources for Anti-Virus and Anti-Malware and any other programs I should start fresh with to make sure everything stays safe and protected.
Thanks,
Mike

Answer:Windows 7 Home Premium - Need Anti-Virus and Anti-Malware

Microsoft Security Essentials, Avast 8 or Avira
Malwarebytes
Spywareblaster
SuperAntispyware
All Free Versions and most of all -> http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

1 more replies
Relevance 97.58%

Hi
 
I just bought my first ever smartphone (yes, I've been living under a rock) - the iphone 5s. I'm after recommendations for good software to protect it, free if possible.
 
I've looked in the itunes store and the options for anti-virus seem limited. The Mcafee app gets bad reviews and the others I've never heard of, and/or have no reviews. any suggestions would be great.
 
On the anti-malware front, i can't seem to find anything in itunes store when i try to search. I like the Malwarebytes anti-Malware program for my laptop, but unless I'm mistaken the only mobile app they have is for Androids, not iphones. Again, any recommendations would be much appreciated.
 
This novice appreciates your time and ideas...

Answer:Good anti-virus and anti-malware software for iphone 5s

The reason they have more anti-virus apps for Android is because the Android platform is more vulnerable to malware. On Android, you are able to download and install a variety of things from unknown sources.
 
For the iPhone, however, anti-virus isn't really needed unless you have jailbroken your device.
 
Hope this helped.

10 more replies
Relevance 97.58%
Answer:What is a good Free Anti-Virus, Anti-Malware software?

Hello Rawkfist, and welcome to Vista Forums.

If you like, Avast is a good free option.

AVAST 2014 | Download Free Antivirus Software for Virus Protection

11 more replies
Relevance 97.58%

Hi all!
 
Nowadays, we all have real-time running anti-virus, anti-malware and anti-exploit/anti-ransomware for maximum computer security, as well as backup- and disk imaging software, along with Windows Firewall.
 
And of course common sense and following Best Practices for Safe Computing.
 
It is also equally important to use add-ons in your web browser like i.e. WebOfTrust, µBlock Origin and Ghostery for additional security.
 
However, no installed security tools will provide 100% continous protection, even with a multi-layered security solution. There is always a chance that some malware can bypass everything.
 
Nevertheless, that is where standalone anti-malware tools can help detect and remove whatever malware could remain on your system.
 
And hence, my question is as follows;
 
Do you supplement your Anti-Virus with standalone Anti-Malware tools?
 
Thank you very much in advance!
 
Regards,
midimusicman79

More replies
Relevance 97.58%

This pinned topic contains a list of existing topics devoted to specific Anti-Virus and Anti-Malware products. Please consult this list before create a new Product Topic in this forum. For more information about Product Topics, please see this topic: Product Topics and how to create themWhen new Product Topics are added to this forum, please reply to this topic with a link to it so that it can be added to the index.Existing Product Topics are:CryptoGuard by SurfRightRKill by BleepingComputer.comSecureAPlus Freemium - Application whitelisting + AntivirusUnhide by BleepingComputer.comMalwarebytes Anti-Malware 2.0 Discussion TopicEmsisoft Anti-Malware 9.0 Discussion Topic

More replies
Relevance 97.58%

Hi
 
I just bought my first ever smartphone (yes, I've been living under a rock) - the iphone 5s. I'm after recommendations for good software to protect it, free if possible.
 
I've looked in the itunes store and the options for anti-virus seem limited. The Mcafee app gets bad reviews and the others I've never heard of, and/or have no reviews. any suggestions would be great.
 
On the anti-malware front, i can't seem to find anything in itunes store when i try to search. I like the Malwarebytes anti-Malware program for my laptop, but unless I'm mistaken the only mobile app they have is for Androids, not iphones. Again, any recommendations would be much appreciated.
 
This novice appreciates your time and ideas...

Answer:Good anti-virus and anti-malware software for iphone 5s

The reason they have more anti-virus apps for Android is because the Android platform is more vulnerable to malware. On Android, you are able to download and install a variety of things from unknown sources.
 
For the iPhone, however, anti-virus isn't really needed unless you have jailbroken your device.
 
Hope this helped.

14 more replies
Relevance 97.58%

ok, i've got like an anti-virus, anti-malware, anti-spyware, and a hijack this. Should i like remove some of these programs? Cause i need the laptop to speed up. any suggestions?? thanks.
 

Answer:Anti-virus, antispyware,anti-malware, hijack this! should i remove some of them?

There is excellent support here on TechSpot for major infestations.
In the meantime, if you need free software, I would download Avira Antivir, SuperAntiSpyware, MalwareBytes, and the free Microsoft Security Essentials. Run full scans with each. If they find evil infestations, remove them, then reboot and rerun the scans one more time.
 

7 more replies
Relevance 97.58%

Hi and new to the forum . I currently have Norton Security, MBAM Pro, CCLeaner Professional, adwcleaner, and I did have Hitman Pro, for a while several years ago when my computer was hacked.
 
I have had Norton for several years, but I am thinking of switching to Emsisoft and use my Windows 7 Firewall. I use MBAM for live monitoring along with the Norton Security..The adwcleare software I use periodically, or if there is an issue the other programs don't handle. For example when out bound traffic was blocked by MBAM, but it was continously happening, the adwcleaner software found and eliminated the culprit. It was very useful also when my computer was hacked.  I also have the active monitoring turned off on CCleaner.
 
Would also adding Binisoft or Tinnywall add more security to the Windows 7 Firewall, or would it be better to just use the Windows Firewall by itself? I don't really want anything too complicated on the Firewall settings, but just maybe make a few teaks, possibly.  One other thing, would it be good to add WinPatrol Pro?
 
Sorry for a lot of questions, and thanks for any responses as I value your opinions.

Answer:Is This a Good Anti-Malware and Anti-Virus Protection Program?

Although Norton (Symantec) is as good as any other well known anti-virus program, it it requires numerous services and running processes that consume a lot of system resources and often results in complaints of high CPU usage. Anti-virus software components insert themselves deep into the operating systems core where they install kernel mode drivers that load at boot-up and create files/folders/registry entries in various locations. Further, there have been numerous complaints about lack of sufficient support from the vendor.I have read from other users that Norton has made improvements in newer versions of their software so they are not as resource heavy as past versions...while others still say differently. Those issues plus the cost factor are the primary reason many folks look for a free alternative. IMO, Norton (Symantec) is better utilized in an Enterprise system environment protecting many client computers. With that said, there are a lot of folks who prefer using Norton (especially if it came preinstalled) and there is nothing wrong with staying with a product you are satisfied with.Switching to Emsisoft and using Windows 7 Firewall is a wise choice.5 Reasons Why the Windows Firewall is one of the Best FirewallsWindows Firewall: Your System’s Best DefenseEmsisoft Anti-Malware is an effective alternative to consider. Despite it's name, Emsisoft Anti-Malware is an antii-virus program...Emsisoft FAQs: Why is it called "Anti-Malware" and not "Antivirus"?. See my com... Read more

2 more replies
Relevance 97.58%

This pinned topic contains a list of existing topics devoted to specific Anti-Virus and Anti-Malware products. Please consult this list before create a new Product Topic in this forum. For more information about Product Topics, please see this topic: Product Topics and how to create themWhen new Product Topics are added to this forum, please reply to this topic with a link to it so that it can be added to the index.Existing Product Topics are:CryptoGuard by SurfRightRKill by BleepingComputer.comSecureAPlus Freemium - Application whitelisting + AntivirusUnhide by BleepingComputer.comMalwarebytes Anti-Malware 2.0 Discussion TopicEmsisoft Anti-Malware 9.0 Discussion Topic

More replies