Over 1 million tech questions and answers.

Malwarebytes IP Protection Constantly Popping up

Q: Malwarebytes IP Protection Constantly Popping up

I recently had a problem with a constant popping sound and started a thread here for help: http://www.bleepingcomputer.com/forums/top...ml#entry1400691It helped me identify the source of the sound. It was suggested I post here to see if an infection is at the root of my problem.To sum up, I was hearing an almost constant bubble popping sound which ended up in fact being the Windows XP Balloon Tip Sound. After some trial and error with the advice given I found my registry had been changed to not show the balloons. Once I changed it back I began receiving the following balloon - "IP Protection Infection Detected" from Malwarebytes. Many IP's have shown up from various spots on the globe and it was suggested perhaps this forum could help me find if an infection on my PC is "calling out" to these IP's known to be associated with malware, etc.The people on the other forum were awesome and helped me get this far. If anyone can help from here it would be greatly appreciated!

RELEVANCY SCORE 200
Preferred Solution: Malwarebytes IP Protection Constantly Popping up

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: Malwarebytes IP Protection Constantly Popping up

I reccomend you visit the Malwarebytes Forum and create an account there so they can help with you issue more easily.

Read other 2 answers
RELEVANCY SCORE 77.6

Have followed the five steps including the DSS scan, below are pasted the results with main.txt, then the logfile of the HijackThis scan. The DSS extra.txt results are attached.

Deckard's System Scanner v20071014.68
Run by Idjit on 2008-02-07 19:20:01
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
38: 2008-02-08 00:20:04 UTC - RP843 - Deckard's System Scanner Restore Point
37: 2008-02-08 00:13:07 UTC - RP842 - Software Distribution Service 3.0
36: 2008-02-07 14:24:11 UTC - RP841 - Installed SUPERAntiSpyware Free Edition
35: 2008-02-07 02:35:44 UTC - RP840 - Point de v?rification syst?me
34: 2008-02-01 02:53:46 UTC - RP839 - Point de v?rification syst?me


-- First Restore Point --
1: 2007-11-10 17:18:39 UTC - RP806 - Point de v?rification syst?me


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Idjit.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:22:14, on 2008-02-07
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\ser... Read more

A:virus protection malware constantly popping up

Hello and welcome to TSF.

We'll begin with ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool: http://www.bleepingcomputer.com/comb...o-use-combofix

When the tool is finished, it will produce a report for you.
Please post the C:\ComboFix.txt along with a new HijackThis log so we may continue cleaning the system.

Read other 1 answers
RELEVANCY SCORE 54

It really annoying and it keeps popping up when i start my computer IE and mozilla firefox automatically open and direct to Dr.ptotection website. and so many sites like www.highwaysite.st and scanner.dr.protection-adv.com please help me to get rid of it. heres my Hijack log:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 9:24:31 PM, on 2/28/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16608)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Ahead\InCD\InCDsrv.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\WINDOWS\system32\spoolsv.e... Read more

A:Dr. Protection Keeps Popping Up

i hope i have posted this on the right thread, guys please help i want to get rid of it.

Read other 9 answers
RELEVANCY SCORE 53.6

AVG free edition shows popup window with warning re: C:\WINDOWS\system32\atl7.dll TrojanHorseBackdoor.Generic10.AMEC

I would very much appreciate some help with this.

thankyou.
 

A:AVG constantly popping up with warning

Read other 16 answers
RELEVANCY SCORE 53.6

I don't know what may have started this, but kaspersky kept telling me that svchost.exe was performing a suspicious action trying to inject something into winlogon.exe. It asked me to allow/deny, I denied, and it kept repeating. Eventually I ran a scan and detected that "smarthook.dll" contained a trojan. I used kaspersky to remove it, and downloaded a clean copy of the .dll and put it in my system32 folder.

Now I am receiving the classic:

svchost.exe:
"The instruction at "0x7588bba5" referenced memory at "0xfede1500". The memory could not be "read".

Click on OK to terminate the program
Click on CANCEL to debug the program"

Only this pops up every 5 seconds about 6 times and then stops, and randomly will continue this pattern.

I have attached 2 logs, one is current <taken today> the other I just happen to log a few days ago for the hell of it (before I noticed any errors). I don't know if.. comparing will help I just want to provide all info I have.

~Thanks!

[edit]
**Additional: Just ran AVG Anti-Rootkit Beta and it detected system32/userinit.exe as a "Hidden Application"

extra info: sometimes when the svchost error pops up, my taskbar at the bottom changes to the old grey style and not the windows xp style.

Also: included a screenshot (edited for size).

System Info:
AMD Athlon 64 processor 3500+, 1 GB RAM
Microsoft Windows XP Professional SP2
ASUS A8N-SLI Deluxe MOBO

A:svchost constantly popping up

nobody responding, so I'm trying to help myself. A couple things I've noticed
1) in my list of services, there is a service named "Asctcgwto" set to disabled. This brings up nothing in google.
2) After turning on my computer, I type "at" in the console and it responds with "The service has not been started." I use the at command fairly often.
3) I type "net localgroup" and it tells me that the workstation service has not been started. So I start it.... I Don't know why it isn't already started, (it's set as "Automatic" but was stopped).

The problem is getting worse because from the moment I click login, it brings up multiple svchost.exe errors and takes an exceptionally longer amount of time to fully log in.

Read other 1 answers
RELEVANCY SCORE 53.6

One of the CA security center components keeps installing when I log on. This prevents me from uninstalling anything or installing anything new. Because it keeps installing (or is just installing), I can't even try to uninstall it because well, it's installing!

Help, please! Thanks!
 

Read other answers
RELEVANCY SCORE 53.2

I have a Windows Vista Home Premium Inspiron 1420 that I got from a friend.
Since this morning an AVG Identity Protection pop up keeps appearing.
I keep pressing Move to Vault and the same threats keep coming back.

I ran Rkill and it found nothing.
I ran MBAM and it found nothing.
I ran AVG and it found nothing.
I even ran the free version of Reimage and it found nothing.

So I have no idea whats going on.

The AVG Identity Protection pop up says the file names:

C:/USERS/(FRIENDSNAME)/APPDATA/LOCAL/TEMP/RARSFX11/WINLOGON.EXE
C:/USERS/(FRIENDSNAME)/APPDATA/LOCAL/TEMP/RARSFX15/NIRD/IEXPLORE.EXE
C:USERS/(FRIENDSNAME)/APPDATA/LOCAL/TEMP/RARSFX15/NIRD/IEXPLORE.EXE

I googled IEXPLORE and from what I've read it's a virus.
And I'm getting mixed signals about WINLOGON, that it's a virus and that it isn't.

I'm feeling extremely technologically challenged at the moment.
(Probably because I am >.<)
But if someone's willing to teach me and bear with me on figuring out whatever is wrong
that would be extremely welcome and awesome!!

Thanks =]

And hopefully I posted this right -___-'

A:AVG Identity Protection keeps popping up

Can you post the logs from Rkill and Mbam?

Read other 11 answers
RELEVANCY SCORE 53.2

Every few seconds auto play pops up and immediately vanishes again. It's very annoying, to the point where I can barley use my computer, (I posted this from another computer.) The drive responsible says recovery H, H is my USB but there is nothing plugged in there. The Auto play fixer isn't for Vista 64 bit. I don't want to simply stop auto play as I like it when it works properly. I don't seem to have a windows restore point either. Here is my Hijack This log file. Any help would be greatly appreciated! Thanks for looking.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:55:51 AM, on 2/10/2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Users\Bec\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Sony\VAIO Mode Switch\VMSwitch.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\Sony Corporation\SmartWi Connection Utility\CCP.exe
C:\Program Files\Sony Corporation\SmartWi Connection Utility\PowerManager.exe
C:\Program Files\Sony Corporation\SmartW... Read more

A:Auto play popping up constantly

You might want to try a Clean Boot troubleshooting procedure to hopefully isolate an offending application. Run it for both Services and Startup items.

Another thing you can try:

Download the free Process Explorer.

Run it and click Find.

Click Find handle or DLL...

Search for \device\harddisk.

See if any of the search results might have a reason to be accessing the USB drive.
 

Read other 1 answers
RELEVANCY SCORE 53.2

Hi and thanks in advance for any and all help received. I would also, in all fairness, wish to inform anyone concerned that you are currently reading the words of quite possibly the most computer illiterate human being in the free world. Having said that, I will attempt to explain my problem.
My computer has been becoming increasingly slower over the last several months. I have been dealing with/ignoring this problem until the proverbial straw that broke the camel's back began appearing on the computer screen yesterday. I am receiving this official looking warning on my computer that keeps popping up constantly with every action I attempt. The warning says:
SYSTEM ERROR
Your computer was infected by unknown trojan
It's dangerous for your system! ( critical files can be lost !)
Click to download the antispyware program to clean your system (recommended)

From what Ive read on your site and others, I am assuming this is an attempt to get me to download even more trouble than what I am currently experiencing. I almost goofed up and downloaded it when it first popped up. In fact I clicked on the ok button but thankfully was warned that it was an unrecognized site and didnt have a valid signature or something to that effect (see, I told you I was computer illiterate) and I cancelled the attempt to download.

I followed all the other steps in your instructions. I had already downloaded the Windows Service Pack 2 a long time ag... Read more

A:Trojan Warning Constantly popping up

I was informed this information was needed as well
Deckard's System Scanner v20071014.68
Run by Tony Murdock on 2008-01-06 18:52:06
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
123: 2008-01-06 23:52:54 UTC - RP742 - Deckard's System Scanner Restore Point
122: 2008-01-06 23:45:12 UTC - RP741 - Software Distribution Service 3.0
121: 2008-01-06 23:40:20 UTC - RP740 - Software Distribution Service 3.0
120: 2008-01-06 22:04:36 UTC - RP739 - Software Distribution Service 3.0
119: 2008-01-06 06:03:14 UTC - RP738 - Software Distribution Service 3.0


-- First Restore Point --
1: 2007-10-09 05:03:21 UTC - RP620 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-01-06 18:57:08
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\... Read more

Read other 16 answers
RELEVANCY SCORE 53.2

Hi,

My laptop constantly shows windows security pop-up. I tried Spybot/Spyware Doctor, but not of use. Please help.

HJT Logs..

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:52:04 PM, on 8/20/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Cisco Systems\CSAgent\bin\CSAControl.exe
C:\Program Files\Cisco Systems\CSAgent\bin\leventmgr.exe
C:\WINDOWS\system32\CmgShieldSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Cisco Systems\CiscoTrustAgent\ctalogd.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Cisco Systems\CiscoTrustAgent\ctapsd.exe
C:\Program Files\Funk Software\Odyssey Client\odClientService.exe
C:\Program Files\Cisco Systems\CiscoTrustAgent\CtaEoU.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Cisco Systems\CiscoTrustAgent\ctatransapt.exe
C:\WINDOWS\system32\netdde.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\PROGRA~1\Altiris\ALTIRI~1\AeXNSAgent.exe
C:\Program Files\Connected\AgentSrv.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Intel\AMT\atchksrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\CISCOS~1\CEPS\CEPSWA~1.EXE
C:\WINDOWS\s... Read more

Read other answers
RELEVANCY SCORE 53.2

I have an HP computer with Vista, Comcast as the ISP, and McAfee (I think it was provided by Comcast).
A new problem has popped up just recently. Every few minutes, I am interrupted when the black and red McAfee flash-screen is flashed on top of whatever I am working on. That is followed by a tan-colored screen called “Comcast Security - - - powered by McAfee”. (This is the same screen that comes up if I click on the McAfee shortcut on the Desk Top.) That screen changes its contents once before it quits. The coming of these screens has nothing to do with my pushing keys. They come even if my hands are not near the keyboard and if I am not on line with Comcast.
These screens flash on for only a fraction of a second – not long enough to read what they say. But they disrupt my train of thought and, if I am typing, can cause errors in my writing. I checked my McAfee and security settings and they seemed correct. If you can suggest a way to stop this, I would appreciate it. The screens have flashed on about six times while I was writing this.
 

Read other answers
RELEVANCY SCORE 53.2

So here is what's happening to me...

1. I've got this constant pop up thing happening that is saying contextual ads.
2. Under Uninstall or Change a program there is a program called Ron too1 addestination. If I click uninstall a box comes up asking for the verification code and in the center of the box it's got garbled letters, which I think they want you to use as the verification code.
3. I'm running on Windows Vista with several securities in place...MicroTrend, Windows Defender, AVG 8.0, Avira Antivirus, Malwarebytes' Anti-Malware, SpywareBlaster, SUPERAntiSPyware and used Spybot to search and destroy. They don't seem to be finding this thing.
4. I use Mozilla Firefox as my browers and I do frequent some social networks, specifically MySpace and Facebook. And often pay games on NovaWorld.

Is there any help for me? I'd be so very appreciatived!!!!

Suzanne

Read other answers
RELEVANCY SCORE 53.2

I reformatted by Dell Inspiron 1721 laptop a couple of months ago and everything's been working perfectly until a Windows SP2 update automatically installed itself last week - now Windows Media center opens up constantly (very distracting); I've removed it from services and from startup, but it continues to pop open.

Also, a funny looking file menu will sometimes pop up all by itself on the top left of the screen.

And windows or programs I have open may just close themselves out by themselves.

This has all been going on for a week and is becoming very annoying. I don't use Media Player, but understand it can't be deleted. Until I chose "Don't show me this message again" there was a message every time I booted up that said something like, "Your new hardware needs to be installed." I had not attached any new hardware.

Anyone have any ideas? I really don't want the hassle of reformatting again so soon.

Thanks,
SWOFKY

A:WMC Popping Open Constantly - Other Problems

Hi SWOKY, welcome to the board.

The problem could caused by anything, but you can start on making sure if the problem related to the update by restore the system to the day before the update.

Post back and let us know how is going?

Bruce

Read other 6 answers
RELEVANCY SCORE 53.2

Every few seconds auto play pops up and immediately vanishes again. It's very annoying, to the point where I can barley use my computer, (I posted this from another computer.) The drive responsible says recovery H, H is my USB but there is nothing plugged in there. The Auto play fixer isn't for Vista 64 bit. I don't want to simply stop auto play as I like it when it works properly. I don't seem to have a windows restore point either. I have done everything I can think of. Any help would be greatly appreciated! Thanks for looking.

A:Auto play popping up constantly

For security reasons, auto-play is not a good idea. There are infections that specifically take advantage of flaws in the system.

You should also enable recovery points, it can be a life-saver if something goes wrong.

You may want to try disabling it and then re-enabling it for specific drives or types of files to see if that will help with your issue:
How to disable the Autorun functionality in Windows

Disable AutoPlay in Windows Vista - How-To Geek

Read other 2 answers
RELEVANCY SCORE 53.2

I have Windows 10 and everything is running ok. Then, yesterday, I ran Windows Update and Update installed THREE updates....

KB3881449, KB3881488, KB3081452

It seems to be a NEW and BAD HABIT of Microsoft NOT to give us any details on what these updates do to our operating systems, what problems they solve, what features they provide or take away or what they modify. It would certainly be helpful in trying to diagnose a nasty problem that develops immediately, doesn't it? I don't like this new attitude at Microsoft of "we will run your computer and you will like it". Anyway, after updating and rebooting, I immediately started having a problem with the new Microsoft Edge Browser. It is now popping up on me without being asked to. This problem started immediately after I installed the updates and I DID NOTHING ELSE on my computer after rebooting.

There are a few things I want to say here...Microsoft DID THIS to my computer. I ran an anti-virus scan and malicious software scan using ESET SECURITY SUITE 8.0 both on my computer and an external ESET Anti-Virus Scan from ESET that sits off of my computer and nothing was found.

I also got ONE OTHER ERROR, I only saw it pop up one time and here it is, attached snapshot of the Error Message attached (it says)...

RUNTIMEBROKER.EXE

"The group or resource is not in the correct state to perform the requested action."

I looked into RUNTIMEBROKER.EXE and it is an operation in Windows 8 and app... Read more

A:Edge Browser is Popping Up on Me Constantly

Edge opening constantly might be malware.

Here's a link to the Malwarebytes blog that discusses those un-closeable Tech-Support-Scam pages and sites:

PSA: Tech Support Scams Pop-Ups on the Rise | Malwarebytes Unpacked
--------------------------------------------------------------------

Edge is installed as the default Windows 10 browser. Here's how to make Internet Explorer the default browser instead.

I believe the icon for Edge is automatically installed on the Taskbar. The icon looks very similar to the Internet Explorer icon.

To pin the Internet Explorer icon to the Taskbar, click on the Start Button, click All Apps,
Scroll down and click on Windows Accessories. Right Click on Internet Explorer, click on Pin To Taskbar.
The Edge icon is a darker blue. The Internet Explorer icon is lighter blue with a gold diagonal arc across it.

Right click on the Edge icon and select Unpin From Taskbar, if you wish.

Now to make Internet Explorer the default browser:

Click on the Start Button, Settings, System, Default Apps, scroll down the Choose Default Apps list and Click on Web Browser - Edge, and choose Internet Explorer from the pop-up menu. This makes Internet Explorer the default browser.

Read other 4 answers
RELEVANCY SCORE 53.2

I use a windows xp professional OS.
My contrast window keeps on popping up in the middle of my screen, this goes on happening constantly on its own accord.
What is this problem? and how do i rectify it?
Pls help..

Read other answers
RELEVANCY SCORE 53.2

Every few seconds auto play pops up and immediately vanishes again. It's very annoying, to the point where I can barley use my computer, (I posted this from another computer.) The drive responsible says recovery H, H is my USB but there is nothing plugged in there. The Auto play fixer isn't for Vista 64 bit. I don't want to simply stop auto play as I like it when it works properly. I don't seem to have a windows restore point either. I have done everything I can think of. Any help would be greatly appreciated! Thanks for looking.

A:Auto play popping up constantly

You can try the FixIt at http://support.microsoft.com/kb/967715 , scroll down to How to disable or enable all Autorun features in Windows 7 and other operating systems.
 
Louis

Read other 1 answers
RELEVANCY SCORE 53.2

I've been having this problem where this thing pops up every few minutes and i don't know how to fix it

A:constantly popping up command promp

Download Security Check from HERE, and save it to your Desktop. * Double-click SecurityCheck.exe * Follow the onscreen instructions inside of the black box. * A Notepad document should open automatically called checkup.txt; please post the contents of that document.=============================================================================Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList last 10 Event Viewer logList Installed ProgramsList Users, Partitions and Memory sizeClick Go and post the result.=============================================================================Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop. * Double-click mbam-setup.exe and follow the prompts to install the program. * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. * If an update is found, it will download and install the latest version. * Once the program has loaded, select Perform quick scan, then click Scan. * When the scan is complete, click OK, then Show Results to view the results. * Be sure that everything is checked, and click Remove Selected. * When completed, a log will open in Notepad. * Post the log back here.Be sure to restart the computer.The log can also be foun... Read more

Read other 21 answers
RELEVANCY SCORE 53.2

If my lap top is on for any more than 3hrs, the help window for whatever program i am using will pop-up and will not let me continue task. Comp must he turned off for a couple of hours to resolve this.

I ran trend micro's online virus/spyware tool (http://housecall.trendmicro.com/), cwshredder, ad-aware se & spybot s&d. Problem did not resolve, then someone told me to try hijackthis, and am now in need of help to analyze the results.

PLZ HELP.

thanx in advance.

the following is the log i got w/ hijackthis:

Logfile of HijackThis v1.99.1
Scan saved at 8:25:43 PM, on 10/2/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\P... Read more

A:[SOLVED] help folder constantly popping up, plz help

i've had other issues since this post and have decided for a fresh start/formated drive
thanks all, no further help needed (for now, lol)

Read other 1 answers
RELEVANCY SCORE 52.8

Ok im pretty sure this is a malware virus. Everytime i log into windows the error blimps pop up saying i have extreme viruses and need to download Windows Defender. Whenever i try to install Spybot or Malwarebytes it doesnt let me install. Theres a red box that shows 2 trojan viruses that always pops up also. Another thing, when i pull up the task manager there is a whole bunch of svchost.exe like 14 of em.plz help i need to know what do. If i have to take it in to pay for it to get removed ill do it but im tight on cash right now so another method would be perfect thx.
 

A:Fake Virus Protection Keeps Popping Up.

Rogue Malware...
 

Read other 2 answers
RELEVANCY SCORE 52.8

Hi. I don't remember failing to untick a selection, but somehow this crummy Baboom Search element has come onto my computer. I have an Asus desktop computer and have Windows 8.1. and use Google Chrome and Mozilla Firefox. Every time I restart my computer Baboom's invisible extension activates setting Baboom Search to default alongside my Google default search and at this point I cannot remove it as a default program.

There is an option to disable the Baboom Search extension and doing so will make it disappear, but it does not give me the option to find and remove the extension that continually controls my search when I restart.

I have used Windows Defender, Anvi Smart Defender and an Anvi software trial that supposedly allowed one to use a Slim Toolbar option that could find an alter extensions and add-ons but it none of them found Baboom Search.

I cannot find the extension in any extension list, in the uninstall list in the Control Panel, nor can I find the name Baboom anywhere on my computer now that I have deleted a few small files with its name. Since I have been unable to see the extension I have been unable to get its App ID in order to find out what ID I could try deleting in the Roaming App Data on my computer but it feels like I have tried everything else to find and delete it. I even tried to find it in the Registry Editor in the apps section, but it did not appear.

Please, if you can offer me any assistance in taking down this nasty virus that doesn&#... Read more

A:Baboom Search Constantly Popping Up, Hidden

Read other 6 answers
RELEVANCY SCORE 52.8

Hello,
I have a HP Pavilion m6-1045dx notebook with Windows 7 Home 64-bit SP 1, Premium, 8gb Ram, Intel HD graphics 4000, Intel Core i5-3210M.

The attached error codes keep showing up and they show up every 3-5 minutes. I recently just got my laptop back from a repair to the motherboard. They replaced the HDD and re-installed Windows 7 Home Premium and most of my needed drivers. I am also attaching the itinerary work notes of the repair for the computer.

NOTE: the error codes are not consistent after continuous pop ups, though the location of the application error seems to be the same. I realized that the errors are not the same all the time.

What is the cause and how do I fix this?

A:Error Codes popping up constantly every 3-5 mins

This sounds like a driver problem. Can you check to see if Windows is fully up to date and check Device Manager for any next to your hardware.

Read other 3 answers
RELEVANCY SCORE 52.8

Somehow, sometime, a certain virus got onto my PC, I'm familiar with the sort, since i had a similar problem when i use to use XP, unfortunately, i don't remember how i removed it, an now a new rogue spyware program has planted it's seeds on my computer once again. It calls itself Antispy Spider and always pops up on my task bar in a small yellow triangle with an exclamation mark saying something like: Windows Security Center
An attack on you computer has been detected
Then it opens the browser (Firefox in my case) and gives me it's page, with the asking me to buy it since it'll protect my computer...Yeah, sure. I'm using McAfee Security Center 2007, which is enough for me. I'm posting my log since i can't find the things that belong and don't and i certainly need to get rid of this blasted Malware.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:25:25 PM, on 10/05/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\McAfee\MSK\mskagent.exe
C:\Program Files\DELL\MediaDirect\PCMService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DellSupport\DSAgnt.e... Read more

A:Antispy Spider constantly popping up on desktop

Read other 6 answers
RELEVANCY SCORE 52

I have Malwarebytes Anti-Malware and I get pop up warning every 3 to 4 seconds that it has blocked a Malicious Website.  Its an outbound connection with the warning:
 
Domain: (empty)
IP: (different all the time)
Port: (different all the time)
Type: Outbound
Process: C:\Windows\System32\svchost.exe
 
When I received the laptop from previous owner, Avast virus protection was installed but not updated.
I removed it and installed Malwarebytes Premium and Eset Nod32 virus protection.
Ran MBAM and quarantined infections (lMBAMlog.txt file attached), Eset found nothing.
 
It was after MBAM install that running on the wireless connection began to produce the above stated pop-ups.
When MBAM is activated, the pop-ups start immediately and I loose wireless internet.
If wireless is turned off, no pop-ups.
Wireless connection is reestablished once I deactivate MBAM.
 
In  my attempts to fix, I also ran RogueKiller and got rid of a bunch of pum.dns
 
I also notice that what ever I search for in IE goggle, the top return is always a link to "Raaz.io/SafeSearch Install Now"
I downloaded and ran the Farbar recovery Scan Tool and my log is attached.
Thank you for looking at my topic,
Pilgrim.
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:29-12-2015
Ran by Sidney (administrator) on SIDNEY-PC (29-12-2015 15:01:50)
Running from C:\Users\Sidney\Desktop
Loaded Profiles: Sidney (Available Profiles: Si... Read more

A:Outbound "Malicious Website Blocked" constantly popping up

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===Remove these programs in bold Via the Control Panel > Programs and Features applet.VideoDownloadConverter Toolbar Chrome Extension (HKLM-x32\...\VideoDownloadConverter_4z Chrome Extension Uninstall) (Version: - Mindspark Interactive Network) <==== ATTENTIONWSE_Astromenda (HKLM-x32\...\WSE_Astromenda) (Version: - WSE_Astromenda) <==== ATTENTION===Press the windows key + r on your keyboard at the same time. This will open the RUN BOX.Type Notepad and and click the OK key.Please copy the entire contents of the code box below to the a new file.

start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\RunOnce: [Fesulok] => C:\windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\Sidney\AppData\Local\29d7106b1506c019\Dufaku.dat"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
CHR HKU\S-1-5-21-1747975209-1935908775-2939679204-1000\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1747975209-1935908775-2939679204-1000\SOFT... Read more

Read other 9 answers
RELEVANCY SCORE 52

My daughter's Dell laptop is now receiving multiple pop-up warnings titled "Antivirus" saying that I need to remove software and I'm being hacked and my identity is in danger of being stolen. Please help. I've seen several posts on here with various helpful steps, but they all seem to warn that I needed to open my own topic. So here I am. Thank you.

A:Uncertified Malwarebytes' Anti-Malware warnings keep popping up

These are the standard wranings of a Rogue antispywrae infection.. Let's do these. Reboot into Safe Mode with Networking How to enter safe mode(XP)Using the F8 MethodRestart your computer. When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu. Select the option for Safe Mode with Networking using the arrow keys. Then press enter on your keyboard to boot into Safe Mode. >>>> Download this file and doubleclick on it to run it. Allow the information to be merged with the registry.RKill....Download and Run RKillPlease download RKill by Grinler from one of the 4 links below and save it to your desktop.

Link 1
Link 2
Link 3
Link 4

Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.
Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
If nothing happens or if the tool does not run, please let me know in your next replyDo not reb... Read more

Read other 11 answers
RELEVANCY SCORE 52

I have malwarebytes anti malware on my computer and it pops up with things that say ip protection. I looked up the ip's of what it says in the log and they are 66.com, 67.com, 69.com, 75.com, 77.com, 95.com, 212.com

All the ones besides 69.com are Chinese.

Don't know if this matters but I am downloading a series of files from Arizona (not China) but it seems malwarebytes started freaking out then. I have scanned each incoming file with Mcafee and Malwarebytes and they are clean. I only mention it because that is all I am doing online besides looking at my mail and some websites I have always looked at without a problem.

Peer Gaurdian 2 only sees my downloads and allowed http traffic.

All comments appreciated.

A:malwarebytes ip protection

Starting in version 1.40 the developers of Malwarebytes' Anti-Malware introduced IP Protection:...IP Protection provides an additional layer of security for your computer, by preventing access to known malicious IP addresses and IP ranges...What does this notification mean?This notification means quite simply, that an IP address has been blocked. It does NOT necessarily mean you are infected, it simply means a program on your computer (e.g. your browser, IM program, P2P program etc), tried accessing a malicious IP address...I received a notification on a safe site, why?How do I disable this?I got an alert for an IP or website I think is safe, how can I report it?Does the IP Protection replace my firewall?Where do I find the IP Protection logs?How can I add an IP so it won't be detected and can access a site I need to?Malwarebytes Anti-Malware IP Protection FAQs

Read other 3 answers
RELEVANCY SCORE 52

I keep getting pops from Malwarebytes Anti-Malware that there is and infection and it keeps giving me different IP addresses. I am up to date run scans on superantispywaye, malwares, and avast and nothing. Wondering if these are false-positives or what they really are, any help would be greatly appreciated!
 

A:Malwarebytes IP protection?

Read other 8 answers
RELEVANCY SCORE 51.6

Hello, for the past three days I have been trying to access my computer. I'm quite positive I have a malware infection but I have no idea where it is. I am running Windows Vista Home Premium SP2 32bit.

As soon as I boot up my computer an error pops up before the password screen. It reads LoginUI.exe - Bad Image in the top bar and then gives the description:

error. C:\windows\system32\WinTrust.dll is either not designed to run on Windows or it contains an error. Try installing the program again using the original installation media or contact your system administrator or the software vendor for support.

I have to click okay about 20 times before i can access the main login screen. Once i login i get another error similar but instead says Skype.exe - bad image. My windows virus protection has been disabled, and I am unable to open any virus program other than Avast and S&D. I get similar errors to the others when trying to open Norton or Ad-Aware. Even while I was trying to type my topic title to this thread, errors would come up every letter I typed.

Oh and one more thing. I am receiving window's errors constantly, the most common being Windows sidebar encountered a problem and closed, windows live id encountered a problem and closed, and gusvc encountered a problem and closed. I also cannot access msn messenger and my sound has been disabled

any help would be appreciated.

thank you in advance,

jonathon :

Read other answers
RELEVANCY SCORE 51.6

Hi!

I started getting attached pop up in my taskbar few days back and it has intensified since then. It now pops up every 2-3 min and disappears instantly. Managed to get it in screen shot.

Did bit of on-line search and there are few similar cases too but i am not sure about the reason behind it starting in my machine and solution to it.

I was getting some Bluetooth related message in Skype since i started using it just from few days back. Had skype since beginning but never used it before. Could this be because of it ? Should i uninstall and install skype again ?

And this is the first time i am facing any problem on this machine (HP Laptop with Windows 7 OS), it is about a year old.

Any suggestion appreciated!!!
Thanks
 

A:Unknown program quickly popping up and disappearing in task bar constantly

Read other 16 answers
RELEVANCY SCORE 51.6

Hello!
I would appreciate any help whatsoever! This virus, or whatever it is, has me stumped!
I think I have been hijacked, only on internet explorer-when checking task manager, Internet explorer is always running, even when I "End Task" . Mozilla Firefox is working fine, but Internet explorer pops up both visible and invisible windows, and constantly asks me to make it my default program!
I suspect malware, and possibly a virus, but my spyware program cannot find anything besides cookies. My antivirus program pops up saying it has deleted multiple trojans, but something is definitely going wrong!

here are is my Hijack this log
Logfile of random's system information tool 1.04 (written by random/random)
Run by Brennan at 2008-11-05 19:05:05
Microsoft Windows XP Professional Service Pack 3
System drive C: has 34 GB (59%) free of 57 GB
Total RAM: 478 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:05:18 PM, on 11/5/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mo... Read more

A:Hijacked? Internet Explorer constantly running and popping up, but I use Mozilla!

Hello and Welcome to TSF.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

Please copy this page to Notepad and Save it to your Desktop in order to assist you when carrying out the following instructions.

Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding.
Ensure that there aren't any opened browsers when you are carrying out the procedures below.

It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.

------------------------------------------------------

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Please stay with me until given the 'all clear' even if symptoms seemingly abate.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by a helper.

------------------------------------------------------

Please uninstall the following via Start->(or My Computer)->Control Panel->Add or Remove Programs if they still exist:

Viewpoint Manager
Viewpoint Media Pl... Read more

Read other 2 answers
RELEVANCY SCORE 51.2

I originally was infected with Bancos.TrojanPWS yesterday and that was removed. Then I got infected with Trojan.Daonol. I went to the Malwarebytes.org site and started logs there with them, but I can no longer access their site, the server keeps going down. This is VERY URGENT as this is on my Office PC and I have all of our accounting/quickbooks records on this PC. I ran the MBAM and it keeps telling me it's quarantined and removed this Trojan.Daonol, but it's keeps popping back up. It's in the WINDOWS file and the file name is called raedy.vasI am soooo frustrated, I've tried deleting it, dragging and dropping from WINDOWS into the Quarantine Folder in my PC Tools Internet Security 2009, and renaming it and changing the properties and it just keeps popping back up in the WINDOWS folder, so I put it back the way it was. This is really scary, I went to this site called VirusReport.com and I submitted the File Name - C:\WINDOWS\raedy.vasxThis is the report I got...**NOTE** SEE The Other Viruses Its Listing??? I need help please!! Thank you,Lorrie===================================File raedy.vasx received on 03.13.2009 09:58:05 (CET)Current status: Finished Result: 4/39 (10.26%) Antivirus Version Last Update Result a-squared 4.0.0.101 2009.03.13 - AhnLab-V3 5.0.0.2 2009.03.13 - AntiVir 7.9.0.114 2009.03.13 - Authentium 5.1.0.4 2009.03.12 - Avast 4.8.1335.0 2009.03.12 - AVG 8.0.0.237 2009.03.13 - BitDefender 7.2 2009.03.13 - CAT-QuickHeal 10.... Read more

A:URGENT: Trojan.Daonol Keeps Popping Up After Malwarebytes Removes It/ Moved

Hello kokobaby,As no specialized logs have been posted, I am shifting this topic from the specialized HiJack This forum to the Am I Infected forum.PLEASE DO NOT NOW POST LOGS unless a log is specifically requested.This is VERY URGENT as this is on my Office PC and I have all of our accounting/quickbooks records on this PC.Is there an IT department for your office?I went to the Malwarebytes.org site and started logs there with them, but I can no longer access their site, the server keeps going downDo you have the links to your topic/topics there? We need to know what has been done. Also, if we assist you here, your topics at MalwareBytes will need to be closed.That said, what is your operating system: Windows XP, Vista etc.?Orange Blossom

Read other 15 answers
RELEVANCY SCORE 51.2

Everytime I open Windows Media Player, Malwarebytes pops up with a message that says, "Malwarebytes has successfully blocked IP 213.174.154.144". I did some research and that IP apparently leads to a filthy malicious site. The thing is though is that I've ran a full scan with MB and it comes up as nothing infected and I did a full scan with Super Anti-Spyware and it didn't show anything infected either. So it must be hidden well because it keeps popping up EVERYTIME I open WMP. Please help.

Thank you.

A:Malwarebytes popping up each time I open Windows Media Player

This also started happening to me today, out of the blue, each time I open WMP. It is version 11, running on an XP SP3 machine. Not too worried at this point since MBAM is detecting and blocking access to the IP, but would like to know more about what's causing it. Will be tracking this thread for ongoing developments and info.

Read other 4 answers
RELEVANCY SCORE 51.2

Hi, I am having problems enabling the file and web protection in malwarebytes. It will update the definitions daily and I can manually scan. It does not auto detect nor is there an icon in the system tray. I did uninstall, clean and reinstall and can enable until I reboot then it is disabled again. Nortons and Malwarebytes both scan and find nothing.

I really don't feel protected right now as Nortons does not catch all.

I am running:
PC with xp sp3 and IE8.

Coulds I please get some help figuring out if I am infected of not?

It would be greatly appreciated.

Thanks,
Richard

A:Can't enable protection in Malwarebytes

Good evening. May I suggest that you post this problem at the Malwarebytes forum where they will be better able to troubleshoot the issue.

Read other 11 answers
RELEVANCY SCORE 51.2

Hi, I am having problems enabling the file and web protection in malwarebytes. It will update the definitions daily and I can manually scan. It does not auto detect nor is there an icon in the system tray. I did uninstall, clean and reinstall and can enable until I reboot then it is disabled again. Nortons and Malwarebytes both scan and find nothing.

I really don't feel protected right now as Nortons does not catch all.

I an running:
PC with xp sp3 and IE8.

Couls I please get some help figuring out if I am infected of not?

It would be greatly appreciated.

Thanks,
Richard

A:I can't enable protection on Malwarebytes

Hello,are you using the free or paid version?Please download TFC (Temp File Cleaner) by Old Timer and save it to your desktop.alternate download linkSave any unsaved work. TFC will close ALL open programs including your browser!Double-click on TFC.exe to run it. If you are using Vista, right-click on the file and choose Run As Administrator. Click the Start button to begin the cleaning process and let it run uninterrupted to completion.TFC will clear out all temp folders for all user accounts (temp, IE temp, Java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder.Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.Note: It is normal for the computer to be slow to boot after running TFC cleaner the first time.For Windows XP:First uninstall Malwarebytes' Anti-Malware using Add/Remove Programs in the Control Panel.Restart the computer.Download the mbam-clean.exe (MBAM Cleanup Utility) and save it to your Desktop.Double-click on mbamclean.exe to start the utility.When the cleanup routine has finished, it will ask to reboot your computer. Please allow the reboot.After the computer restarts, temporarily disable your Anti-Virus, then download and install the latest version of Malwarebytes' Anti-Malware (v1.46) from here.-- If using the Pro version, you will need to reactivate the program us... Read more

Read other 11 answers
RELEVANCY SCORE 51.2

I'm getting all sorts of IP Protection warnings from Malwarebytes recently from all sorts of different IP addresses. I know that there has been growing pains with this new feature in Malwarebytes but many of the IP addresses look like they are coming from China which is a little troubling. I am not currently at the computer so I am relying on the log I had the user run on the machine. Thanks.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 5:44:21 PM, on 8/26/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16762)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\PROGRA~1\AVG\AVG8\avgwdsvc.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exeC:\WINDOWS\system32\nvsvc32.exeC:\PROGRA~1\AVG\AVG8\avgemc.exeC:\PROGRA~1\AVG\AVG8\avgrsx.exeC:\PROGRA~1\AVG\AVG8\avgnsx.exeC:\WINDOWS�... Read more

A:HJT Log - Malwarebytes IP Protection Warning

Ok - I am updating with all the required log/scan files now. Any help would be appreciated.

Read other 12 answers
RELEVANCY SCORE 51.2

This is a problem I've had before but can't remember how to resolve it. As of today MB flags a message saying that Real Time Protection layers are turned off. These are Web Protection and Malware Protection.
What I've done: switched both on only for them to go off again, or Real Time Protection shows starting but doesn't go any further. I've also uninstalled my previous version and downloaded version 3.1.2. I am Premium user.

Can anyone shed any light on this and tell me how to resolve it please?

Tech Support Guy System Info Utility version 1.0.0.4
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz, Intel64 Family 6 Model 23 Stepping 10
Processor Count: 4
RAM: 3839 Mb
Graphics Card: NVIDIA GeForce 7100 / NVIDIA nForce 630i (Microsoft Corporation - WDDM), 256 Mb
Hard Drives: C: 111 GB (71 GB Free);
Motherboard: Packard Bell, imedia S3720
Antivirus: Malwarebytes, Enabled and Updated
 

A:Malwarebytes turning off Web Protection

Everyone's having this problem today. If you go to Malwarebytes' official forums, you'll see hundreds of posts about this posted within the past hour.
 

Read other 1 answers
RELEVANCY SCORE 51.2

I was looking through my Malwarebytes files and I saw these 2 files called cloud and cloud-enumeration so I was wondering if Malwarebytes uses some sort of cloud protection? The files were both dll files.
 

A:does Malwarebytes use cloud protection?

Yes it does see here. Malwarebytes - RealTime Heuristics? - Malwarebytes Anti-Malware Help - Malwarebytes Forum
 

Read other 1 answers
RELEVANCY SCORE 51.2

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===Please download AdwCleaner by Xplode onto your Desktop.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Click the Report button and the report will open in Notepad.IMPORTANTIf you click the Clean button all items listed in the report will be removed.If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Check off the element(s) you wish to keep.Click on the Clean button follow the prompts.A log file will automatically open after the scan has finished.Please post the content of that log file with your next answer.You can find the log file at C:\AdwCleaner[Sn].txt (n is a number). Please downloadJunkware Removal Tool to your Desktop.Please close your security software to avoid potential conflicts.Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.The tool will open and start scanning your system.Please be patient as this can take a while to complete, depending on your system's specifica... Read more

A:Malwarebytes constantly blocking ip address 66.150.14.42

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.

Read other 2 answers
RELEVANCY SCORE 51.2

I have Malwarebytes Pro running in the backround. As well as Microsoft Security Essentials.
 
I believe I have an infection for 2 reasons.
 
1 - Malwarebytes balloon popup tells me svchost.exe is trying to access a malicious IP and it was blocked.
 
The IP address is: 95.211.194.79
 
 
2. At the following location:
 
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
 
that Content.IE5 folder is constantly filling up with junk files of between 1kb-14kb a piece. Millions of files. Over the last few days it has accrued up to 13 GB of data on my SSD. I keep manually deleting the folder, but every few days it fills back up again, so I know there is an underlying problem.
 
PLEASE HELP! This is my main Desktop in the household and I'm sick of getting Xfinity Constant Guard notifications on every device in my network when I cannot disable that notification!
 

A:Malwarebytes constantly blocks svchost.exe

I have the exact same issue here. Norton 360, malware bytes and Microsoft Malicious Software Removal Tool from May 2013 all report the system is clean after running full scans. 

Read other 5 answers
RELEVANCY SCORE 50.8

Some program keeps popping up for a split second on my task bar every few minutes, and I can't figure out what it is.
It's pretty annoying because whenever it happens it switches the current window's focus.
It seems to happen randomly, and not at a set time interval.
I don't think it's malware... but I could be wrong. It pops ups and disappears much too quickly to identify it.
How can figure out what it is? (Btw, I'm running Windows 7.)
 

A:Solved: Unknown program quickly popping up and disappearing in task bar constantly

Read other 8 answers
RELEVANCY SCORE 50.8

The sound with both speakers/ headphones on my laptop is constantly making "popping" sounds, and sometimes it even stutters - very aggressively and without putting any load on the laptop - even with a simple mp3 playback.I've tried EVERYTHING - Realtek / Lenovo / Windows drivers, uninstalled Windows, wasted so much precious time on it.This is the second damaged unit I get from lenovo in a month's time. I hope they can provide a quick solution for this problem, or else I'm returning this laptop and never buying / recommending Lenovo ever again. 

Read other answers
RELEVANCY SCORE 50.8

ok so i use Avast anti-virus free and i like it very much i was thinking of purchasing malwarebytes pro version and can i use it with a realtime anti-virus or should i just use it with real time protection on its own?

A:malwarebytes real time protection?

Hi,

I suggest logging onto their forums (Malwarebytes Forum) and post a question about whether the two will clash in real-time (I doubt theu will though). They are pretty good at answering questions quickly. I think you will find they are perfectly suited to both run in real-time.

Regards,
Golden

Read other 3 answers
RELEVANCY SCORE 50.8

When Malwarebytes 3 is enabled on Windows 10, the latter disables its security system (Windows Defender) stating that MB is sufficient. What about Windows 7?
 

A:Is Malwarebytes sufficient protection on Windows 7 ?

Best way to know is to try it. Data.
 

Read other 6 answers
RELEVANCY SCORE 50.8

Just today for some reason I keep getting this message popping up from Malwarebytes.



Also when I scan with Malwarebytes I get this list of found viruses but when I remove them it stops google chrome and "removes" them. But the next time I scan they are back as if nothing ever happened.



So what do I do? Are these two things related? How do I fix this? Thank you.
 

Read other answers
RELEVANCY SCORE 50.8

Hello all, I am having a computer meltdown.  This morning, I came to my desktop and noticed that my Microsoft Security Essentials had flagged a "Win32/Zbot.gen!/plock".  I removed the files from the prompts in MSE and downlowded malwarebytes.  At that point MwB began blocking several malicious websites:
 
fff5e.com
IP Address 31.184.192.90 (out of Russia)
searchnet.blinkxcore.com
95.215.1.57 (also out of Russia)
88.214.193.72 (out of the UK)
 
I also had red flags for Anogre.E, Java/CVE-2013-2460, Java/Obfuscator.W, Win32/Crowti.A, and TrojanPoweliks
 
These came from scans through Adware and MWB.  I also ran CCleaner, HitmanPro, Junkware Removal, RogueKiller, and TDSSKiller.  No solution. 
 
Now when I run scans in MSE and MwB there is nothing found, but I still get the "Malicious Website Blocked" about everything 2 seconds. 
 
I did google searches for the fff5e and searchnet terms for possible viruses, but the free removal tools promising to remove the attached viruses haven't worked.
 
Any help would be much appreciated. I'm extremely new to this.
 
I have the first MBAM .txt log and the FRST .txt and addition.txt

A:Malwarebytes is constantly blocking "malicious websites"

G'day mlaw31, and Welcome to BC !
 
Exploit:Java/Anogre.A is a detection for an obfuscated Java class component associated with the exploit kit called SweetOrange. Similar to any other exploit kit, such as Blacole, it first determines information about your browser. This includes the browser you use (for example, Internet Explorer or Mozilla Firefox), its version, and what plug-ins are installed.
SweetOrange can exploit vulnerabilities in Java, specifically the vulnerability discussed in CVE-2013-0422.
Exploit:Java/Anogre.A usually comes bundled with another file detected as Exploit:Java/CVE-2013-0422.
 
 
Please follow the instructions in ==>This Guide<== starting at Step 6.
 
Once the proper logs are created, then make a NEW TOPIC and post it ==> HERE<==
 
Do not run ComboFix. Just include the requested logs from the guide above. Please be sure to include a description of your computer issues and what you have done to try to resolve them.
 
If you cannot produce any of the other logs, then please create the new topic anyway, include the information that you were unable to produce the other logs and why along with a description of your computer issues.
 
Please post the link to your new topic back here so we can lock this one, and then only the Malware Response Team should handle your problem.
 
 
Please be patient. It may take a while to get a response because the MRT Team members are EXTREMELY busy working logs... Read more

Read other 1 answers
RELEVANCY SCORE 50.8

My computer appears infected with a virus or some type of malware. I ran a scan with malwarebytes and it quarantined some files. However, I keep getting a constant popup window that says "Malicious Website Blocked". Keeps saying fff5ee.com and 95.215.1.57 are the Domains Names that are constantly being blocked. Below is a log ran with FRST.
 
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-10-2014
Ran by ellis (administrator) on ELLIS-PC on 19-10-2014 15:14:31
Running from D:\My Downloads
Loaded Profile: ellis (Available profiles: ellis & Administrator)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Co... Read more

A:Malwarebytes constantly blocking website fff5ee.com

More Log Info
# AdwCleaner v4.000 - Report created 19/10/2014 at 15:49:27
# DB v
# Updated 12/10/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : ellis - ELLIS-PC
# Running from : D:\My Downloads\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****

***** [ Files / Folders ] *****
Folder Deleted : C:\Users\ellis\AppData\Local\Conduit
Folder Deleted : C:\Users\ellis\AppData\LocalLow\Conduit
Folder Deleted : C:\Program Files\DomaIQ Uninstaller
Folder Deleted : C:\Users\ellis\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\ellis\AppData\Roaming\eIntaller
Folder Deleted : C:\ProgramData\eSafe
Folder Deleted : C:\Users\ellis\AppData\Local\eSupport.com
Folder Deleted : C:\Users\ellis\AppData\Roaming\Strongvault
Folder Deleted : C:\Users\ellis\AppData\Local\SwvUpdater
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\ellis\AppData\LocalLow\Vafmusic
File Deleted : C:\Users\ellis\AppData\Roaming\Mozilla\Firefox\Profiles\0\Extensions\[email protected]
File Deleted : C:\Users\ellis\AppData\Roaming\Mozilla\Firefox\Profiles\0\user.js
File Deleted : C:\Users\ellis\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js
***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****
Shortcut Disinfected : C:\Users\ellis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\ellis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System... Read more

Read other 1 answers