
Banking malware using Windows to block anti-malware apps

Q: Banking malware using Windows to block anti-malware apps

 
A trojan that's currently doing the rounds in Japan is using Windows itself to try to defeat security software on infected machines.
Trend Micro reports that the BKDR_VAWTRAK malware, which steals credentials used for online banking at some Japanese banks, is using a Windows feature called Software Restriction Policies (SRP) to prevent infected systems from running a wide range of security programs, including anti-virus software from Microsoft, Symantec, and Intel. A total of 53 different programs are blocked by the malware.

http://arstechnica.com/security/2014/06/banking-malware-using-windows-itself-to-block-anti-malware-apps/

RELEVANCY SCORE 200

A: Banking malware using Windows to block anti-malware apps

TrendLabs: Windows Security Feature Abused, Blocks Security Software

Edit: Your Trend Micro link initially did not work for me so I reposted it for the benefit of others. Checking a second time the page finally opened.

Read other 3 answers
RELEVANCY SCORE 92

Hello,

I have malware that prevents me from running anti-malware programs (unless their names are changed to aliases). It also makes its presence known when I am NOT connected to the Internet. In that instance, a message box informs me that "Generic Host Process for Win32 Services" is not working, and gives me the option of sending or not sending the relevant information.

I attach to this thread the "Attach" output from DDS and the .log file from GMER. Unfortunately, I was unable to save the Scan results from GMER in any format other than .log, and when I tried to use the "Copy" function within GMER, my machine froze.

I have also run (in safe mode) MBAM, SpybotSD, SUPERAntiSpyware and the Windows kb890830 malware-detection apps. The first three DID find infected files, which I removed/quarantined in each of the respective apps. Perhaps not surprisingly, the Windows malware detection scan did not pick up anything.

I apologise for the dreadful formatting of the GMER output; the .log file is (I hope) uploaded.

Kind regards,
Adam

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:58:53, on 04/10/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17080)
Boot mode: Safe mode

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINNT\Explo... Read more

A:Infected w/Malware that doesn't let you run anti-malware apps etc.

Read other 16 answers
RELEVANCY SCORE 82

Hi,
We have a new system using Vista Home Premium, and would like to know which AV apps work in Vista?
On my XP Home machine ( from suggestions here ) we have been using AVG Pro, Spy-Bot Search and Destroy 1.4 and Ad-Aware SE, Hijack This, recently getting SAS for a problem.
I ordered the new system without any AV, not realizing Vista is still new enough to possibly have some compatibility issues with some apps.
This will be a broadband (FiOS) connection behind a NAT router.
Any help will be appreciated.
 

A:Which Anti-Malware Apps For Vista?

Here is the current list of Vista ready software from wiki.castlecops.com
Ad-Aware 2007
AVG Anti-Spyware
DrWeb Cureit Scan
Rogue Remover (Free Version)
Spybot S&D
SuperAntispyware
 

Read other 1 answers
RELEVANCY SCORE 82

http://www.hitmanpro.nl/hitmanpro/
http://www.surfright.nl/en/hitmanpro

Windows only: Free application Hitman Pro scans your system for malware using not one, not two, but eight different anti-malware applications. Essentially, Hitman Pro is a helper utility that runs up to eight different cleaning tools when you tell it to. Some are favorites we all know and love, like Ad-Aware and Spybot S&D, while others are a bit more obscure. The idea behind Hitman Pro is that you've got a one-stop shop for killing off any malware that hits your system—regardless of whether it's spyware, adware, or some nasty virus. As the MakeUseOf post points out, scanning your system with each app can be a time-consuming process, so it's best to use when your computer is idle.
--LifeHacker.com
WOW! that seems to solve the issue over which is the best free anti-malware app out there!
 

A:8 Different Anti-Malware Apps w/ 1 Click!!!!

never mind... it's not free... and all the docs are in German anyway.
 

Read other 1 answers
RELEVANCY SCORE 81.6

Over 500 websites were compromised over the weekend due to analytics software provided to publishers by PageFair.

Mobile ad-blocking is a hot topic. Browser add-ons and mobile apps are slowly rising in popularity with consumers looking for a cleaner Web experience, but as a result, content publishers relying on advertising models which pay out for eyeballs and clicks are steadily losing revenue.

Many publishers use third-parties to provide ads -- which, unfortunately, can also sometimes allow malware to slip through the net and compromise websites and visitor systems. This technique, known as malvertising, has struck high-profile targets such as Yahoo and UK newspaper The Daily Mail.

Anti ad-block firm PageFair becomes cyberattack victim, distributes malware

I don't know if web owners now realize that sometimes, we don't want ads on a website because of the risk of being infected by hijacked one (malvertising). This isn't even about revenue anymore, this is about staying safe and not getting hit by an EK with Cryptowall 3.0 in it. Now if even Anti ad-block companies can get hacked and used to distribute malware, what options do we have left? I understand that ads are necessary for the survival of a website, but is it really worth the risk of getting your visitors infected for displaying them?

Anti-adblocker firm PageFair's users hit by fake Flash update
Hackers use anti-adblocking service to deliver nasty malware attack

A:"Anti ad-block firm PageFair becomes cyberattack victim, distributes malware",ZD

Pagefair does what precisely then? By "anti-ad-block firm" do you mean that pagefair does things to try and develop adverts which can circumvent blocks and/or they develop pages for websites which refuse to load the main content properly if they detect adverts on them are being blocked?

Read other 2 answers
RELEVANCY SCORE 80.4

I recently have been infected with some sort of virus/rootkit/trojan and need some help.

I've tried following the directions in "Preparation Guide for use before posting about your potential Malware problem" but DDS will only open briefly then immediately closes down.

SUPERAntiSpyware, Malwarebytes, HiJackThis all will not open, I get the error message "Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item."

Also Google search will redirect me most of the time when trying to click on search results, in both IE8 and FireFox.

Also some random Tom Arnold (the actor) advertisement sound clip was playing last night on my computer at random times, with no way to turn it off. No media player or browser was open, it was just playing in the background and I could find no way to shut it off.

I have limited use of RootRepeal, most scans I do will just crash/exit the program before it is completed.

Any suggestions would be greatly appreciated!

A:Google Redirect, can't open many Anti-Malware apps...

Hello Jexx and to BleepingComputer.

If you have what I think you have, then you should be able to produce a Drivers log with RootRepeal. Could you please post that for my review?

~Blade

In your next reply, please include the following:
RootRepeal log

Read other 4 answers
RELEVANCY SCORE 80.4

Hello All,

my computer is infected with a virus that is similar to other posts but i have tried everything to my knowledge and can't seem to remove it. this virus identifies anti malware and antivirus programs and strips the user of the permissions to access the application. this makes it very hard to remove. most applications i can install and run once then they close immediately. this happened with dds which is why i couldn't attach a dds log.

It also has hijacked my web browser and redirects me a lot to other websites when i click any link on google.

i am running a winXP Pro SP3

the only two anti virus programs that run without closing are my existing ESET NOD32 3.0.672.0 and also IObit Security 360 free license

a free scan of STOPzilla identified something as a Win32K.Stream trojan.

i have tried running SpyHunter, HijackThis, SuperAntiSpyware Pro, advanced system care, STOPzilla spybot: search and destroy, rootrepeal and dds, and Malwarebytes Anti Malware all unsuccessfully. i also can't seem to remove them. and can't find them on the Add/Remove Programs list.

I Have researched this a lot and can't figure it out.

i have win32 diag log that was recommended on a different post. and a root repeal log.

WIN32DIAG.TXT:
Log file is located at: C:\Documents and Settings\codYOhlsen\Desktop\Win32kDiag.txt
WARNING: Could not get backup privileges!
Searching 'C:\WINDOWS'...
Found mount point : C:\WINDOWS\addins\addins
Mount point destination : \Device... Read more

A:"permission" virus wont run anti malware apps

Hello codyohlsen,

You will want to print out or copy these instructions to Notepad for Safe Mode/offline reference!

If you are a casual viewer, do NOT try this on your system! If you are not codyohlsen and have a similar problem, do NOT post here; start your own topic.

Do not run or start any other programs while these utilities and tools are in use! Do NOT run any other tools on your own or do any fixes other than what is listed here. If you have questions, please ask before you do something on your own. But it is important that you get going on these following steps.

Close any of your open programs while you run these tools.

Click on Start button. Select Run, and copy-paste the following command (the bolded text) into the "Open" textbox, and click OK.

"%userprofile%\desktop\win32kdiag.exe" -f -r

(With much thanks to Tetonbob at TSF, whose methods & verbiage I'm using here).

Download This tool save it directly to your desktop - not a folder on the desktop - the commands are tailored for the desktop location.

Click Start>Run and Copy then Paste the following bolded text into the Run box and click OK:

"%userprofile%\desktop\Inherit.exe" "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe"

Repeat for these files, or simply find the files, and drag.drop them onto inherit.exe. Any other files you get an access denied message, you can do the same

"%userprofile%\desktop\Inherit.exe&q... Read more

Read other 2 answers
RELEVANCY SCORE 79.2

Hello All,

my computer is infected with a virus that is similar to other posts but i have tried everything to my knowledge and can't seem to remove it. this virus identifies anti malware and antivirus programs and strips the user of the permissions to access the application. this makes it very hard to remove. most applications i can install and run once then they close immediately. this happened with both rootrepeal and dds which is why i couldn't attach logs.

It also has hijacked my web browser and redirects me a lot to other websites when i click any link on google.

i am running a winXP Pro SP3

the only two anti virus programs that run without closing are my existing ESET NOD32 3.0.672.0 - identified it as a Win32/TrojanDownloader.FakeAlert.AHT trojan
and also IObit Security 360 free license. - identified a Trojan.Downloader
with a free scan of STOPzilla it found - Win32K.Stream trojan

i have tried running SpyHunter, HijackThis, SuperAntiSpyware Pro, and Malwarebytes Anti Malware all unsuccessfully. i also can't remove them. and can't find them on Add/Remove Programs.

I Have researched this a lot and can't figure it out.

if anyone has any comments please post a reply.

thank you all,
CODY

A:"permission" trojan wont run anti malware apps [Moved]

As no logs have been posted, I am shifting this topic from the specialized HiJack This forum to the Am I Infected forum.

==>PLEASE DO NOT NOW POST LOGS<== unless a log is specifically requested.

Read other 4 answers
RELEVANCY SCORE 79.2

Please let me know if I have not posted this in the correct area. If so, please let me know where i should post.

I have read as much of the instructions and "read before..." posts as I could find here.

symptoms

complete URL's typed into IE or FireFox are redirected to a google search results page that looks legit, however clicking on the search results sends me to a crappy search engine with completely different results that are sponsored.

URL's clicked from emails or going to a favorites page from the start menu would not open any browser.

If I went to a norton.com, symantic.com, or other site to research the infection, my browser would immediately close. I made copies of iexplore.exe and firefox.exe with new names and was able to start the browsers that way. However, the search hijack symptom remains.

I notice that firefox is very slow, much slower than usual. It was difficult or impossible to use drop down menus on web pages with the mouse (down arrow worked) and clicking between browser tabs was also tough.

Opera Browser, Chrome browser and Safari Browser seemed unaffected, however Chrome just began to randomly close tabs this afternoon. I uninstalled it and will re-install.

Every time Internet Explorer starts (Now from "copy of iexplore.exe") I see a window that warns me that IE is running in compatibility mode. Firefox also warns me that it is no longer my default browser (i start it from a "copy of firefox.exe").

I downloade... Read more

A:mbam & other anti-malware apps killed by rootkit infection

Hello andygreene

Welcome to BleepingComputer

=====================

Download OTL to your desktop.

Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output.
Under the Standard Registry box change it to All.
Check the boxes beside LOP Check and Purity Check.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

===========

Download This file. Note its name and save it to your root folder, such as C:\.
Disconnect from the Internet and close all running programs.
Temporarily disable any real-time active protection so your security program drivers will not conflict with this file.
Click on this link to see a list of programs that should be disabled.
Double-click on the downloaded file to start the program. (If running Vista, right click on it and select "Run as an Administrator")
Allow the driver to load if asked.
You may be prompted to scan immediately if it detects rootkit activity.
If you are prompted to scan your system click "Yes" to begin the scan.
If not prompted, click the "Rootkit/Malware" tab.
On the right-side, all items to be scanned should be che... Read more

Read other 1 answers
RELEVANCY SCORE 77.2

The notorious Dyre banking malware has been updated to take on Windows 10 machines and hook its claws into the Edge browser.



Dyre banking malware: Windows 10 and Edge browser now targets | ZDNet

A:Dyre banking malware: Windows 10 and Edge browser now targets

Great. Just great. I HATE these people!
And we know that Zeus/Zbot already affects Edge, as we saw in that thread I just finished today.

Read other 1 answers
RELEVANCY SCORE 76.8

If a program installed malware and the anti malware found something.
Will it delete the malware itself or will it delete the program that came with the malware too?

-thanks!
 

A:Will an anti malware uninstall the program that installed the malware or only the malware itself?

I find your question a bit confusing, maybe it's just me.
But I think I understand your way of asking your question, and I will try to answer:

If for example Internet_Browser_A unintentionally installs stealthy malware by a driveby advertisement / exploit,
then Anti_Malware_B will only detect and remove unwanted malware and leave Internet_Browser_A intact and alone.
But if Internet_Browser_A in the same turn also gets infected, then Anti_Malware_B will try to disinfect or quarantine
Internet_Browser_A as well.

Does that answer your question and did I understand it correctly?

Welcome! 1Up.
 

Read other 2 answers
RELEVANCY SCORE 76.8

Malware byte's Anti Malware software, Malware byte's Anti Malware Not working

My google requests are being redirected to other sites. As a first step to correcting this, I started to run Malware byte's Anti Malware software. After I updated it, I started the scan when all of a sudden it stopped working. When I tried to reconnect, I got a message

"Windows cannot access the specified device, path or file. You may not have the appropriate permissions to access the item"

I re-installed the software, updated it, and tried to run it again, and got the same message.

Since then, SuperAntispyware, RootRepeal and now DDS will not work. They download okay, but then terminate during the scan, hence I don't have logs I can insert.

I've backed up all my data onto an external hard drive.

I'm at my wits end, but I'm happy with any assistance I can give you. Hopefully the topic link works.

Here is my Win32kDiag.exe log. The next post will be my Rootrepeal drivers log.

Log file is located at: C:\Documents and Settings\Phil\Desktop\Win32kDiag.txt
WARNING: Could not get backup privileges!
Searching 'C:\WINDOWS'...
Found mount point : C:\WINDOWS\addins\addins
Mount point destination : \Device\__max++>^
Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP247.tmp\ZAP247.tmp
Mount point destination : \Device\__max++>^
Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP453.tmp\ZAP453.tmp
Mount point destination : \Device\__... Read more

A:> Malware byte's Anti Malware software, Malware byte's Anti Malware Not working

Hello smartjock99,

You got a Rootkit on this computer. We will need to take this cleanup in phases. You are not clean until I tell you so - even if it appears that everything is running fine!

Let's begin....

==========

Step 1

Please save this file to your desktop. Click on Start->Run, and copy-paste the following command (the bolded text) into the "Open" box, and click OK. When it's finished, there will be a log called Win32kDiag.txt on your desktop. Please open it with notepad and post the contents here.

"%userprofile%\desktop\win32kdiag.exe" -f -r

==========

Step 2

Please do this: Click on the Start button, then click on Run... In the empty "Open:" box provided, type cmd and press Enter

This will launch a Command Prompt window (looks like DOS). Copy the entire blue text below to the clipboard by highlighting all of it and pressing Ctrl+C (or after highlighting, right-click and select Copy).

copy C:\WINDOWS\ServicePackFiles\i386\eventlog.dll C:\ /y
In the Command Prompt window, paste the copied text by right-clicking and selecting Paste. Press Enter.

When successful, you should get this message within the Command Prompt: "1 file(s) copied"

NOTE: If you didn't get this message, stop and tell me first. Executing The Avenger script (step #3) won't work if the file copy was not successful. Exit the Command Prompt window.

==========

Step 3

Warning to others reading this thread!: The Avenger i... Read more

Read other 44 answers
RELEVANCY SCORE 76.4

The notorious Dyre banking malware has been updated to take on Windows 10 machines and hook its claws into the Edge browser.

Dyre, also known as Dyreza, appeared on the cybercrime scene in July 2014 and has quickly gained a reputation as a nasty piece of malware that aims to steal credentials.

It's been found to target Salesforce users and banking customers, and more recently was discovered to have been adapted to steal credentials from a range of supply-chain businesses, including fulfilment and warehousing, inventory-management software vendors and wholesale computer distributors.

Security firm Heimdal has reported that the malware -- sold as a cybercrime-for-hire service -- has now been updated to support the targeting of Windows 10 and its Edge browser.

Source: Dyre banking malware: Windows 10 and Edge browser now targets

Other articles:
Security Alert: New Dyreza variant supports Windows 10 & Edge

A:"Dyre banking malware: Windows 10 and Edge browser now targets", ZDNet

Perfect reason to do banking on a live linux disk and go directly to the banking site. 
 
The OS is only as secure as the person using it. Don't click emails from Uncle Fred that only contains a link or attachment.

Read other 1 answers
RELEVANCY SCORE 74.8

Hello. I am working on a friends machine that seems to have a nasty infection. This machine is a dedicated server running Windows Server 2003 Web. Everything I am doing to it is via remote desktop which is making it a little more of a challenge. Web browsing on the server was incredibly slow when he asked me to take a look at it. I figured he was infected with something so I was going to try and install a few things on it and run a few scans, only to find that all of the sites that I found to use are blocked or disable by whatever is infecting the server. Any attempt to access an anti-virus or anti-malware website results in a message stating server cannot be found. Any other website can be accessed though.

There is an FTP server running on this machine, so I do have that availability to FTP to the server to get any file or program to it that I need to. Please just let me know what you need from me and I will get it up here as soon as I can. I am a fairly experienced user and can grasp things pretty easily. Thanks for your time, I greatly appreciate it.


Jamie

A:Malware Blocking all Anti-Malware/Anti Virus websites

If it doesn't block you from softpedia or download.com, then get the anti virus software from their sites instead. Hopefully it won't block them. When they are downloaded, rename the file names.

Read other 2 answers
RELEVANCY SCORE 74.8

Should I install Malwarebytes Anti-Malware beside Emsisoft Anti-Malware for extra protection? Will it slow down my computer?
 

A:Should I install Malwarebytes Anti-Malware beside Emsisoft Anti-Malware?

Emsisoft is more than enough by itself.
 

Read other 61 answers
RELEVANCY SCORE 74.8

Based on your opinions and reasoning which is the better product.
I will still be using both products regardless of the votes.
 

A:Malwarebytes Anti-Malware 2.x vs Zemana Anti-Malware 2.x (Premium only)

This is difficult. I use both as on-demand scanners. I've been using Malwarebytes for years and it's saved my butt on numerous occasions. For that simple fact alone, I'm going with Malwarebytes, but do not shy away from Zemana (in fairness to Zemana, it's a fairly new program). If anything I'd say Zemana AntiMalware feels a bit lighter, but that's really the only fault I can provide. I'll be interested to see what others think.
 

Read other 5 answers
RELEVANCY SCORE 74.8

Donna over at Calendar of Updates has posted a second test regarding the viability of free anti-malware and free anti-spyware programs - Malware Detections of Free Anti-Malware/Anti-Spyware

see Malware Detections of Free Anti-Malware/Anti-Spyware - Calendar Of Updates

For those who don't know, Donna also previously posted another test, Rogue Detections: Old, Not So Old and New Threats
see Rogue Detections (old, not so old, new threats) by malware scanners - Calendar Of Updates

A:Malware Detections of Free Anti-Malware/Anti-Spyware

Hi John

Looks like a fairly good test, unfortunately it's on an XP box. Do you know if they plan on running one on a Vista system, since the way that many malware works will affect its viability on Vista systems?

Thanx for the link! Still lots of good info there for our members.

Read other 7 answers
RELEVANCY SCORE 74

When I try to run a scan using AVG anti-virus, Avira, Windows Defender, or SuperAntiSpyware; when the scan gets to a certain point, Windows shuts computer down with a blue window. It says Kernel_Stack_ Inpage_ Error plus some standard verbiage about if you recently installed software/hardware, see administrator, etc. At bottom it says: STOP: 0x00000077 (0x00000001, 0x00000000, 0x00000000, 0xF79B1D24). I could sometimes run AVG scan in "select drives/folders" mode but recently it quit allowing that after I upgraded to AVG 9 (free). I uninstalled AVG and went to Avira but with same results. Scanning with Windows defender did the same. I recently installed and ran SuperAntiSpyware and was able to pinpoint problem to " System Volume Information" directory. I am unable to open to see contents as Windows shows no files in it. When I ask Avira to scan it, Avira says no files also but if I use AntiSpyware to scan, it shows many files during its scan but will get to a certain point and computer will shut down. I can almost see file that shuts it down but it happens too fast to catch it. I was able to run "RootRepeal" and log is below. I was not able to run "DDS.scr".

ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/10/30 13:15
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: rootrepe... Read more

A:Unknown malware/virus won't let any anti-virus/windows defender/malware removal program to complete scans

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:

Download DDS by sUBs from one of the following links. Save it to your desktop.
DDS.scr
DDS.pif
Double click on the DDS icon, allow it to run.
A small box will open, with an explanation about the tool. No input is needed, the scan is running.
Notepad will open with the results.
Foll... Read more

Read other 23 answers
RELEVANCY SCORE 72

Are there any free, updated and/or recent Anti-Virus & Anti-Malware combos that could offer better protection than windows defender for windows 10?

A:Good Free Windows 10 Anti-Virus & Anti-Malware Combos

If you don't want to pay then I would recommend avast! Free Antivirus or Bitdefender Anti-virus Free Edition if you prefer not to use Windows 8/10 Defender.

For more suggestions such as Sophos, Panda, and Avira see Choosing an Anti-Virus Program.

Also see Supplementing your Anti-Virus Program with Anti-Malware Tools.

Read other 11 answers
RELEVANCY SCORE 71.6

I am planning on purchasing one eventually but just in the mean time to keep things safe any recommendations?
 
I've just cleaned up my computer of random "free anti-virus software" that was downloaded over a period of time, and my computer is finally free and I wanna keep it that way! hehe
 
Any help is much appreciated.
 
 
Thank you,
Justin

A:Best free anti-virus/anti-malware/protection for Windows XP 32-bit

There is no universal "one size fits all" solution that works for everyone and there is no single best anti-virus. Every vendor's virus lab and program scanning engine is different. Each has its own strengths and weaknesses and they often use a mix of technologies to detect and remove malware. In many cases choosing an anti-virus is a matter of personal preference and what works best on a particular system. You may need to experiment and find the one most suitable for your needs. Please read:
Choosing an Anti-Virus Program

Here are links to some recent BC discussion topics with opinions from other members:
Best anti-virus software for windows 8? 2015
Looking for recommended anti-virus softwares
What is the best antivirus protection?
What's the best premium security suite in the market currently?
Recommend a good free antivirus program
Which antivirus and malware programs should I use together?
Antivirus Solution?

Here are links to polls about this very subject:
Poll: Best Antivirus and Firewall
Poll: Best Anti-Spyware/Anti-Malware/On-Demand Scanner

Read other 19 answers
RELEVANCY SCORE 71.6

Hi I'm reinstalling my operating system and starting everything over on my laptop, and need some good free sources for Anti-Virus and Anti-Malware and any other programs I should start fresh with to make sure everything stays safe and protected.
Thanks,
Mike

A:Windows 7 Home Premium - Need Anti-Virus and Anti-Malware

Microsoft Security Essentials, Avast 8 or Avira
Malwarebytes
Spywareblaster
SuperAntispyware
All Free Versions and most of all -> http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Read other 1 answers
RELEVANCY SCORE 71.2

I have a default Yoog Search in my Search Engines, i try to remove it and set it as google but it would again default to Yoog. Next thing is I just cannot run 'spybot search & destroy' and doesn't let me open any anti-malware related sites. I can't download any anti malware apps. I am just stuck. I saw a post " Win 2K hijack issue - unable to run malware apps!". I have exactly the same case on my system.

 

Read other answers
RELEVANCY SCORE 71.2

these are the instructions I followed:

Uninstall it

click on this link ? and then select run.
http://www.malwarebytes.org/affiliates/2...

INSTALL IT TO YOUR DESKTOP, update it, then run a full scan and remove everything it finds.

some viruses will try to disable it so if malwarebytes will not start up then go into the folder it is in and rename the mbam file to XXX then double click on the file you just renamed to start it up.

after you have used malwarebytes then do this on-line scan. to make sure you have nothing else hiding away.
http://www.bitdefender.com/scan8/ie.html
preferably in safe mode with networking.

it's important you install it on your desktop so you can easily get into the folder and change the name of the mbam file. and viruses do not always look on the desktop for it.

OR you can try the on-line scan first.

This seemed to have helped but I still can't run Malware bytes and my computer redirects websites I try to get into sometimes. I installed Norman Malware cleaner and this is what it said:

Removed 5 of these ( deleted file:C:/windows\system.32\UACqfqboedxvctjti.dat)
in red appeared- To many infections/an unexpected error (Please contact support):C\Windows\system32\UACqfqboedxvctjtit.dat (infected with Text/Td.ss.A)
File marked for defered cleaning (reboot required) c:\windows\Temp\UAC314c.tmp(infected with W32\FakeAlert.NEU

I clicked quit after it finished scanning and it prompted me to reboot computer automatically. I ... Read more

A:The computer at work is infested with PAV. I downloaded Malware bytes anti-Malware but it still won't scan

Hello, it appears you are heavily infected with rootkits. They are interfering with removal. You need to run HJT/DDS. Please follow this guide. Go and do steps 6 and 7, Preparation Guide For Use Before Using Hijackthis. Then go here: HijackThis Logs and Virus/Trojan/Spyware/Malware Removal, click New Topic, give it a relevant Title and post that complete log. Let me know if it went OK.

RELEVANCY SCORE 71.2

Hi all,

My dad has asked me to take a look at his computer after it's been acting odd, and it looks like he's got a doozy of something running on the system. He's been getting some pop ups advertising various programs, the desktop is changed to text reading "Your system is infected! System has been stopped due to a serious malfunction. Spyware activity has been detected" (which is not something any program that should be running would display), Task Manager is blocked from opening and a fake piece of anti-spyware has taken up residence (don't have the name off hand).

Looking at the log, I found a couple of things that I'm not a fan of - batmeter16.dll, for starters. There's a couple others I don't recognize, but I am not sure if they are bad or not.

Unfortunately, my attempts to fix it have been thwarted - an AVG scan said it cleared it up, but more pop ups came. I tried to run Malware Bytes, but when I download the latest update through the program, I get a nice warning message saying "The database you are using is not supported by this version of Malwarebytes' Anti-Malware. Download the latest version of the program."

Additionally, this came about because I tried to start into Safe Mode to get this cleaned up. I couldn't get my keyboard to register keystrokes before Windows started, which kept me from accessing the dialogue allowing Safe Mode to be entered, so I modified boot.ini to force a safe mode boot. Unfortunately, this brought about a blue sc... Read more

A:Malware blocking MalwareBytes (post-update), fake anti-malware program

Hello, my name is fenzodahl512 and welcome to the forum.. Please do the following....

Please download The Comedian.exe by Rorschach112 to your desktop
Please disable all of your antivirus/firewall before doing this step. Please visit HERE if you don't know how..
Double click the program to run it. It will only take around several minutes to run.
It will do a series of tasks and tell you when each one is finished.
You will be prompted to press any key after each step
When it is done it will close and exit itself automatically.
You can delete The_Comedian.exe once it is finished
STOP! if you can't complete this step.. Tell me more about it..

NEXT
Please download OTL by OldTimer and save it to your desktop.
Under the Custom Scans/Fixes box paste this in
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT
Don't change any setting... Just click on the Run Scan button.. Let it scan till finish..
Then a log will pop-up at your Desktop. Post the content of the log here

NEXT
We need to scan for Rootkits with GMER
Please download GMER from one of the following locations, and save it to your desktop:
Main Mirror
This version will download a randomly named file (Recomm... Read more

RELEVANCY SCORE 71.2

I can not do the prework because my browsers are incapacitated, so I can't download anything. The PC indicates that my web connection - DSL - is functioning properly. I don't know if it is safe to insert a flashdrive in order to bring the required programs to my pc, and post the results using my relative's pc. Is there a way to prevent malware from infecting the flashdrive?
 
I am using a relative's desktop PC in order to communicate here. I still have windows XP SP3 on my desktop pc and I finally got a virus despite what I thought was safe surfing, using a limited account. I have Avast free but it did not detect anything. My superantispyware is "locked" and my malwarebytes free stops responding. So I don't know what infection I have. I use Online Armor firewall, but it did not prompt me about any new program. It is set to always notify me, even when running something I have allowed in the past. Whatever it is, it also got past K-9 web protection which filters all of my PC use. I am putting a lot of disjointed information that may be helpful into this post, simply because of my need to go back and forth between two houses in my particular situation. (About a 5 minute walk). I normally would not put all of this into one initial post. I understand that the system works better when one detail at a time is presented upon your request. Please understand that I won't be able to provide bits of information without returning home for each request!
 
My last action befor... Read more

A:unknown malware disabled my browsers, locked anti-malware programs

DON'T READ MY POST!
system restore worked!
how do I close this thread as solved??

RELEVANCY SCORE 71.2

Yesterday, I had troubles with Windows live messenger where it (still) says:

"Windows Live Communications Platform has encountered a problem and needs to close. We are sorry for the inconvenience. "

Although, the problem isn't about MSN. I found out that this problem was caused by having Malware on your computer. Hence, I decided to run a scan using Malwarebytes Anti-Malware (MBAM).

I noticed that my Avast was disabled and if I try to enable it, it comes up with a window saying: the operation could not be completed.

My Google searches also SOMETIMES get redirected to links that are clearly out of topic.
Like if I Google search the terms "malware wikipedia" and I click on the wikipedia link but I get redirected to some Myspace/Anz credit card crap.

Then this happened.
MBAM CRASHED after 2 mins of scanning -> tried to re-run MBAM but a window came up saying:
"Windows cannot access the specified device, path or file. You may not have the appropriate permissions to access the item."
I ran several other programs such as:
HJT -> scanned for 2 mins, then crashed (no logs were made)
SUPERAntiSpyware (SAS) -> scanned for 2 mins, then crashed
and same goes for any other programs that searched for any malware.
The only program that worked was TROJANHUNTER and came up with a couple of false positives
I also tried using Avira's Rescue CD (the one where you boot up with it and it does a scan)
A scan using Avira was also successful but failed to... Read more

A:Malware/Anti-virus tools wont run due to a rootkit/trojan/malware

I am having the exact same problem!
I have no clue what to do, any help would be amazing!

RELEVANCY SCORE 71.2

Have been using Win 7 Ultimate x64 for quite a while but tonight ran into a small problem. I like to keep the titles for links very short and want to rename "Malwarebytes Anti-Malware" (I am a registered, paid user) to simply "Malwarebytes". I am listed as an Administrator and I used LockHunter to unlock the file but it still does not allow me to shorten the description. When I shorten the name and hit OK I am told "You'll need to provide administrator permission to rename this file" Since I am the administrator on this machine I do not know what to do. Continuing does nothing. Anyone have any suggestions? /* Philip */

A:Changing File Description for link to Malware Bytes Anti-Malware

Not sure but I think Malwarebytes is trying to protect itself.
That is one of the first things a virus would try to do is change the name/link and get it out of the infection way.

I can change the name of the desktop Icon to MBAM.

RELEVANCY SCORE 71.2

Hello,
One of the family's machines recently ( few months ago ) was force fed Windows 10 Home.
Typically on our other machines ( Windows 7 and 8 ), I use Avast Free to run in the background and SUPERAntispyware and Malwarebytes I run as standalones. I use a Limited User account for any internet facing activities.
I see Windows 10 comes with Windows Defender.
Is this enough?
What's the general consensus if there is one.
Any suggestions would be appreciated.
Thank you for your time.
 

A:New To Windows 10 Anti-Virus/Anti-malware Question

RELEVANCY SCORE 71.2

I did a hijackthis scan and here's what I got:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:18:17 PM, on 4/20/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

A:Malware Blocking Access to Spybot, Microsoft Malicious Removal Tool and other anti-malware programs

Hey guys I solved my own problem. I completely reinstalled windows. (It was about that time anyway)

RELEVANCY SCORE 71.2

Hi. There is something going on with my computer, can't get on internet and many pop up messages, and I have tried to run MBAm. When I click on "Remove Selected" it starts doing the removal but then a box pops up with "Malwarebytes Anti-Malware has encountered a problem and needs to close." There are three boxes to choose to click on...Debug, Send Error Report, or Don't Send. When I click on Debug I get a new pop up box with "DrWatson Postmortem Debugger has encountered a problem and needs to close". Same three boxes to choose to click. I click on Debug and then get a pop up box with "Microsoft Visual C++ Runtime Library. Runtime error. Program:C:\Windows\System32\svchost.exe.

I have multiple pop up boxes coming up when I just log on:

dsca.exe-Application error

27578134.exe has encountered a problem

Sysfader:IEXPLORE.EXE-application error. Instruction at "0x03a0bdd9" referenced memory at "0x03a0bdd9". The memory could not be written. When I click "OK" to terminate this it came up with multiple other boxes with different numbers...0x0403bdd9,0x03eabdd9,0x0455bdd9,0x053abdd9.

ctfmom.exe Application error

Data Execution Prevention-Microsoft Windows...to help protect your computer Windows has closed this program: Internet Explorer.

I am unable to get on the internet from my computer and am currently using my husbands laptop to post.

I would appreciate anyone's advice or help.... Read more

A:Malwarebytes Anti-Malware unable to remove selected malware

I would try logging in to safemode with networking and then run the scan from there. To log in to safemode gently tap the F8 key as the computer reboots and then select safemode with networking from the list. If you are able to run the scan in safemode then there's probably some infection that was preventing it from running in the regular Windows mode. If not then there may be a problem with the Malwarebytes. I have had a similar problem and I had to un-install it and then re-install it. I emailed their tech support and was told it was possibly a conflict between it and AVG free though I'd never had that problem before... EVER.

I suspected it was something buggy with the update that had come through.

RELEVANCY SCORE 71.2

Hi all!
Recently while searching for new Anti-Malware tools to try subsequently in order to clean my computer for malware, I came across EMCO Malware Destroyer.
And hence, now I am wondering; What is your opinion on the Anti-Malware tool EMCO Malware Destroyer?
Thank you very much in advance!
Regards,
midimusicman79

A:What is your opinion on the Anti-Malware tool EMCO Malware Destroyer?

I have seen it advertised on Major Geeks and other third-party hosting sites but write ups and reviews never impressed me.

EMCO Malware Destroyer by Softpedia... To start with, you should note that it does not provide active protection, heuristic scans or an active shield of some sort. This utility will only search for baddies currently loaded in the memory or running processes that are infected... Malware Destroyer is designed for manual virus checks and the fast scans recommend it, but bear in mind that it is mainly aimed at non-techy users and will only provide an occasional supplemental layer of protection.

RELEVANCY SCORE 71.2

Please help me,
I cannot access any internet (wifi & ethernet) after malware removal using GridinSoft Anti Malware. I already updated network drivers, but it's still not working.
 

RELEVANCY SCORE 71.2

Hi, I have been trying to remove the searchinterneat-a.akamaihd.net malware for months. I looked over at least 10 different guides on how to remove the malware. I tried multiple antimalware programs, from HitmanPro to Anti-Malware, and it seems like none of them can detect the malware. Looking for help!

RELEVANCY SCORE 71.2

I tried to download the new version, and the computer won't let me download it.

And there is something wrong with the version of Anti-Malware I have now. Every time I want to use it, it downloads the setup and then it updates. And today when I wanted to scan, it stopped and the computer ran an error report.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:03:38 PM, on 10/4/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal


A:Can't download the new version of Malware bytes Anti-Malware

RELEVANCY SCORE 71.2

I've been seeing here that Emsisoft Anti-Malware is free for 30 days. After 30 days of use, will it be able to scan and remove malware that it finds?
I do not want to use it with real-time protection, I have ESET for it, I use it as I use Malwarebytes Anti-Malware Free, only for weekly scans!
Thank you
#Translator
 

A:Emsisoft Anti-Malware Free'll be able to scan and delete the malware?

Download emsisoft emergency kit

Emsisoft Free Emergency Kit: Portable malware scanner | Free removal of Viruses, Bots, Spyware, Keyloggers and Trojans

it's scanner without real time, full free
 

RELEVANCY SCORE 71.2

My Windows 8 computer has been infected with malware/adware. When I browse the internet there are ads displayed by edeals. I've followed many guides to removing it, but none have worked. I've scanned my pc with malwarebytes, adwcleaner, and junkware remover.
Here is the result of the scan with Adwcleaner: 
# Updated 21/05/2015 by Xplode
# Database : 2015-05-21.2 [Local]
# Operating system : Windows 8.1  (x64)
# Username : Jed - JEDPC
# Running from : C:\Users\Jed\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>;*origin.com;*ea.com;*akamaihd.net
Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:12289
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [DefaultConnectionSettings]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [SavedLegacySettings]

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v


-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [2109 bytes] - [24/05/2015 11:15:26]
AdwCleaner[R1].txt - ... Read more

RELEVANCY SCORE 71.2

Good afternoon,
 
  After 2 years of no problems, it seems I may have been infected with Malware.  The hard drive spins constantly, making my laptop nearly worthless.  I rebooted my computer in Safe Mode and ran several programs to try and find/remove the Malware.  Some programs run OK and find nothing, but at least 3 programs run for a short time, then freeze up and the hard drive spins constantly.
 
  Here is what I've tried so far:
- Norton Power Eraser - Finds no problems
- Panda Cloud Cleaner - Did find and quarantine a few issues
- Kaspersky - I ran a thorough scan on everything - it took several hours and did find 2 infections.  Cleaned or quarantined both
- Malwarebytes - Gets to a certain point, then freezes.   Hard drive spins constantly
- ESET - Gets to a certain point, then freezes.  Hard drive spins constantly
- House Call - Gets to a certain point, then freezes.  Hard drive spins constantly
 
- AdwCleaner - Ran this, log looks clean except for 1 Firefox and 1 Google Chrome file that are listed
- Junkware Removal Tool - Only tried to run in Safe Mode w/ Networking.  Shows a command prompt screen, but nothing happens
- ComboFix - I have run this, can produce the log file if needed.
 
Any help you can give would be greatly appreciated!!

A:Malware Infection - Freezes computer when Anti Malware Program is run

Hello, having run ComboFix, you need to repost this with that ComboFix log in this forum... Virus, Trojan, Spyware, and Malware Removal Logs

RELEVANCY SCORE 71.2

Hi, A suspicious SVCHOST.exe just popped into my startup list. I bet it's not the only one causing my sudden computer slowdown. I attached my HijackThis log and I hope someone gets to help me. Thanks!

A:Malware. Unable to Update any Anti Virus/Malware Program

Hello and welcome to TSF.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a "Having problems with spyware and pop-ups? First Steps" link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

RELEVANCY SCORE 70.8

An alien visited our house in the form of the neighbour's kid and left tracks on the computer in the form of virtumonde and loads of other great stuff. It was so-o-o-o-o slow and seemed to have weird popups asking to download a virus check program when IE was running. It also was blocking any Windows updates for security center. I ran Ad-aware and SpyBot S&D and fixed all problems that appeared there. But this did not get rid of virtumonde as it came back. Also, I downloaded ComboFix and ran this as well as I produced a HJT log file. Please see the attached HJT and ComboFix logs. ( I have to send the HJT log in a separate post as the combined logs are too large.) Would this have cleared virtumonde from my known computer universe? Thanks a bazillion for any help.
Cheers,
Buddy

ComboFix 08-10-08.05 - vet 2008-10-09 20:31:09.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.285 [GMT -4:00]
Running from: C:\Documents and Settings\vet\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

A:Malware, virtumonde and block of windows update

Logfile of HijackThis v1.99.1
Scan saved at 9:27:40 PM, on 09/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)


RELEVANCY SCORE 70.8

Hi,
On 12/2/10 my PC was mugged. Warnings by Scotty (Winpatrol) alerted me to possible changes to rundll32 among others.
Scanned with Ad Aware, found & fixed a few things.
Decided to update my windows security, but discovered I couldn't access it. After the update starting page, it would
go to "The website has encountered a problem and cannot display the page you are trying to view. The options provided
below might help you solve the problem....With error code: Error number: 0x80072EFF

Never found the meaning of that specific error code.

Had previously used Malwarebytes so I downloaded the latest version of that which warned me of possible tdl3 rootkit infection, then re-booted and finished the scan.

Operation improved for a bit, but still can't access windows update. Usually I can't even access the page anymore.

a) If I can access the update page (checking your system for the latest version of windows updating software, it switches to
"The website has encountered a problem and cannot display the page you are trying to view.
The options provided below might help you solve the problem." & displays an 0x80072EFF error.
Sometimes re-directed to Google.
c) Usually I get (what I think is a fake) "Internet Explorer cannot display the webpage" with the "Diagnose Connection Problem" button. There is no connection problem

Other symptoms:
1) IE8 launches successfully less than 50% of the time.
2) IE Occasion... Read more

A:Malware attack, windows update block

PC has slowed to a crawl....

Malware causes a couple of instantiations of svchost.exe to run amok slowly increasing in memory usage until PC stops running.
Manually killing continually growing version periodically is temp fix.

Now efforts are made to add malware addresses to HOSTS file. Scotty alerts me.

RELEVANCY SCORE 70.4

I downloaded AdwCleaner on BleepingComputer.com; the software itself looked to work fine & looked very legit.
In the software Tools menu it is possible to add PUP/Hosts Anti-Malware. Since the main software looked OK I did it.
I made a scan with Hitman Pro & it was declared as "MALWARE". It had 3 bad files: 1 malware (the main process),
1 trojan & a suspicious file. I condemned all.
 
Can someone tell me WTH is going on with ADWCleaner & maybe it would be a good idea to put a CLEAR notice on the download page.

A:PUP/Hosts Anti-Malware (ADWCleaner extension) =Malware

Hello -
The program is OK.
Did you First fully read the directions and follow the instructions ?
 
Many Antimalware programs are detected by other Antimalware programs, and this is usually a False Positive reading.
It shows up as your program may need to be disabled while you use another program.
 
Thank You -

RELEVANCY SCORE 70.4

I am pulling my hair out. Please help. I have followed the instructions in your excellent forum at http://www.bleepingcomputer.com/virus-remo...-antivirus-plus but still no luck. Every time Malware Bytes starts to run it dies. I have also been unable to get the RootRepeal Report. Same problem - it starts then apparently is killed by Antivirus Plus. I also had difficulty getting the DDS Tool to generate the log files but it finally worked. Here are the two files. At least it's a start. Can you tell me what I should do next? Thank You

A:Antivirus Plus Kills Malware Bytes Anti-Malware

Hello and welcome to Bleeping Computer! We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed. Use the 'Add Reply' and add the new log to this thread.

Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
Download DDS by sUBs from one of the following links. Save it to your desktop.
DDS.scr
DDS.pif
Double click on the DDS icon, allow it to run.
A small box will open, with an explanation about the tool. No input is needed, the scan is running.
Notepad will open with the results.
Fo... Read more

RELEVANCY SCORE 70.4

Hi Guys

hope you can help me. I have a Windows Vista Sony laptop where I tried to install a McAfee software from someone and I saw a strange pop up. When I closed it, I started to notice a few strange things on my machine:

1. Spybot doesn't open anymore, and uninstalling it then trying to install it gives me an error message
2. Malwarebytes anti-malware doesn't open as well.
3. Firefox Google homepage doesn't load anymore
4. installing McAfee security software (clean version) doesn't load

I hope the log of hijackthis will shed some light on what's going on
thanks a lot

Karim
 

A:malware infection stopping spybot and anti-malware!

just want to update that the first 3 issues still in place but point 4 isn't a problem anymore. I successfully managed to install the mcafee 2008 security centre and I will be making a full scan, while waiting for any suggestion for points 1 to 3

thanks

Karim
 

RELEVANCY SCORE 70.4

 Hi all,
 
 I am Pousoidis and I would like to thank you for the services you provide. I am pretty sure that I have a virus in my laptop. My system is an Ideapad U410 with Intel® core ™ i5-3317u 1.70ghz, 8gb ram memory, 64 operating, with windows 7.
 
 At some point I could not click on my start menu button without windows explorer notifying me that it had stopped working and that it was checking for a solution to the problem. I went online trying to read about what I could do. Eventually, I restarted my pc with the option of checking for disk errors and that seemed to fix the start menu problem; now the windows explorer does not crash. But after that I noticed that I could not open certain programs such as skype and picasa 3 (and μtorrent which since then it has been uninstalled from my pc).
 
 It is then that I became more suspicious and decided to download and run anti-malware programs such as mbam and spybot. None of these can install itself on my pc, always some error message such as "privileged instruction". Was not sure how to proceed from that, so I searched online and came across your site. Thank you again for your help. I apologize in advance, I am not really well versed in the ways of technology. I did run 1 system restore before I visited this site.
 
so I am copy pasting my dds files: 
 
Run by Pousoidis at 13:46:22 on 2014-02-20
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8053.5... Read more

A:Infected with some malware. Not allowed to install and run anti-malware.

Hello Pousoidis, I would like to welcome you to the Malware Removal section of the forum. Around here they call me Gringo and I will be glad to help you with your malware problems.

Very Important --> Please read this post completely, I have spent my time to put together some things for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!

Please do not run any tools unless instructed to do so.
We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.

Please do not attach logs or use code boxes, just copy and paste the text.
Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.

Please read every post completely before doing anything.
Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.

Please provide feedback about your experience as we go.
A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same... Read more
