1,366 Posted Topics
 | That MBA-M log is incomplete, it is missing the top portion that would appear ABOVE Internet Explorer. It is the portion that reads similar to this: Malwarebytes' Anti-Malware 1.50.1.1100 [url]www.malwarebytes.org[/url] Database version: 6528 Windows 6.1.7600 |
| | System optimizers generally are worthless. Don't bother with any of them. Smart computer usage is what keeps the system optimized. |
| | [QUOTE=flagstar;1602558]You probably have virus in your computer... Download Malwarebytes Anti-Malware and run a scan to confirm it... If it does found it, please proceed to instruction link posted by crunchie to completely remove them... He'll help you out till you done[/QUOTE] The link provided by Crunchie includes Malwarebytes' Anti-Malware as …  |
| | I ask that you please don't disable or re-enable standard operating files during the clean up. By doing so you could make the scanners not see what they need to see or see something they need not worry about. So Please leave your security center and that type of thing …  |
| | Jim,your MBA-M program is several years out of date,which is why it didn't find anything, because it can't, it's too old and that database does not contain the proper files to look for today's infections. You need to update that and run it again. Currect version number is[B] 1.51.1200 [/B]and … |
| | Use [B][URL="http://www.eset.com/onlinescan/"]ESET Online Scanner[/URL][/B]. It definitely DOES remove items. You will have to use Internet Explorer and turn OFF all security programs while scanning and removing. Also try the [B][URL="http://www.microsoft.com/security/malwareremove/default.mspx"]Microsoft® Windows® Malicious Software Removal Tool [/URL][/B] for rootkit removal.  |
| | Hello Twiggy159, You forgot to update MBA-M before running the scan. You should remember you always should update before each scan. Update it and run another Full Scan, have it remove everything found, reboot and then post back here with the new log. You said that you had the Windows … |
| | Re: Spyware? Hello the.avon.lady1, You did not post all the requested logs. It is important that you post the DDS Attach.txt log..So please copy/paste that log here. flagstar is incorrect, [B]tracking cookies ARE most definitely spyware[/B], hence their name TRACKING cookies. You do NOT want these on the computer. If SAS keeps … |
| | Your [B]MBA-M program is nearly 18 months old[/B]. Current version is version [B]1.51.0.1200[/B] and the latest database version is [B]6851[/B] so your [B]database is 3000 behind.[/B] The absolute rule is to always update MBA-M before each and every scan. They issue updates multiple times daily so even if you run … |
| | Could very well be an infection. Follow the steps given in our Read Me Sticky and post back with the logs. [url]http://www.daniweb.com/hardware-and-software/microsoft-windows/viruses-spyware-and-other-nasties/threads/134865[/url] |
 | Hi Jen, Crunchie isn't here at the moment. The TDSKiller DID remove a rootkit. It is [B]highly likely[/B] that you[B] do[/B] still have infection on the computer. Your version of MBA-M is a year out of date. Current version is [B]1.51.0.1200[/B] and current database is at least database version 6897. … |
 | somjit, you certainly can post the logs here so we can be sure all is clean. Your new [B]kaspersky 2011 internet security suite[/B] is an excellent program and it contains an antivirus program, and a two way firewall so you certainly [B]don't need another firewall[/B]. The absolute rule is ONE … |
| | Re: Virus attack We need a lot more information than you have provided.What operating system? What tools did you use to clean the computer with and do they have logs? I fso we would need to see those logs. Wiithout knowing what infection it was and exactly what and how steps were run … |
| | Re: Search Redirect Logs? we can't advise anything until we see logs. [url]http://www.daniweb.com/hardware-and-software/microsoft-windows/viruses-spyware-and-other-nasties/threads/134865[/url] |
| | Re: Virus? Xjmaslord4, I am going to ask that you follow all the instructions given in our Read Me sticky and correctly linked by steven woodman earlier. Those instructions are very clear; [B]When you post your request for assistance, please be sure to submit (Copy & Paste, not as an attachment unless … |
| | Doing a registry edit certainly didn't remove this infection and anti-virus programs are NOT going to remove this, it is a Trojan. They are not usually configured to do so. What was the name of this "virus" found by Avast? Try these steps, you will need a Clean computer in … |
| | Also check with your email provider. I know my ISP offers that if one wants to use it. |
| | Please follow all the instructions on our Read Me Sticky and post back with all the requested logs. We can't help without complete information. [url]http://www.daniweb.com/hardware-and-software/microsoft-windows/viruses-spyware-and-other-nasties/threads/134865[/url] |
| | Re: qqd.exe Using SAS is not going to remove the original infection which is in the Fake Alert Trojan family. This second one that you note is one that has been brought in by the original infection. System Restore will NOT remove infections. System Restore works only on a very few files, … |
| | System restore is [B]NOT[/B] a good idea especially since you have all ready removed some infections. Chances are the restore points could be infected.[B] Leave it alone, don't turn it off, don't use it.[/B] That can be dealt with later. [B]Do the following:[/B] Please download[B][URL="http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?cdlPid=10997763"] Malwarebytes' Anti-Malware (MBA-M)[/URL][/B] to your … |
| | You mean a paid version of an antivirus program? You should be able to as long as you have the registration code and it is not expired. You probably would have to contact the av company to get it reactivated but that normally isn't a problem as long as you … |
| | We actually know nothing here since no logs have been posted, other than the fact that the computer is probably 7 years out of date based on the service pack and You are running a 10 year old copy of Internet Explorer. IE7 was released nearly 5 years ago and … |
 | since this doesn't appear to be an infection problem I am moving this thread. |
 | You have a rootkit on the computer please do the following: Please read carefully and follow these steps. * Download[B] TDSSKiller[/B] and save it to your Desktop. [url]http://support.kaspersky.com/downloads/utils/tdsskiller.zip[/url] * Extract its contents to your desktop. * Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, … |
| | Can you do the following and post the TWO logs produced? Download [B][URL="http://download.bleepingcomputer.com/sUBs/dds.scr"]DDS by sUBs[/URL][/B] and save it to your Desktop. Be sure follow the instructions below carefully! • If your AV has a script blocker, please disable it • DoubleClick on dds.scr to run the tool * A command … |
| | Please ignore the two useless posts above by sergent and jingda, neither one has the knowledge needed to assist in infection clean up. Follow all the steps given in our Read Me Sticky and post back here with COPY/PASTES of all requested logs. [url]http://www.daniweb.com/hardware-and-software/microsoft-windows/viruses-spyware-and-other-nasties/threads/134865[/url] |
| | Your DDS log shows Combofix installed, did you run it? If so we need that log also. Who told you to run Combofix? Can I also ask that you translate these logs to English? Our rules are very clear, [B][COLOR="Green"]Do post in full-sentence English[/COLOR][/B] We also request that ALL logs … |
| | If I may, The TDSSKiller log should always be posted, it has not, even if it said it was clean we need to see that. The HJT log is not necessarily a mess, it is just difficult to read because Word Wrap was on when the log was copied. Plus … |
| | Have you tried running DDS in safe mode? Whoops! Do this first: Download the following zip file: [url]http://support.kaspersky.com/downloads/utils/tdsskiller.zip[/url] extract it into a folder on the infected (or possibly infected) computer with an archiver (WinZip, for example); Run the TDSSKiller.exe file; Make sure there are check marks in both boxes, Services …  |
| | How exactly did you remove this infection and what was the infection? Have you tried to boot to Safe Mode with Networking in order to run the programs in the Read Me Sticky? |
| | You said you completed the steps in the Read Me sticky, there should be more logs to post, the MBA-M log, the two DDS logs and the GMER log #2. All should be copy/pasted. You stated that you had AVG on the computer and then you installed Bit Defender, did … |
| | To fransbautista and to finc, this thread is over 3 years old, the original poster never returned. franbaustista, your problem is similar to the original poster's problem it may not be caused by the same thing, especially three years later. Please begin your OWN threads when posting problems rather than … |
| | First of all your log shows two Security Suites on the computer, COMODO Internet Security and Norton. If both of these contain a firewall and anti-virus program this is a big no-no. Rule is ONE of each on a computer. Malwarebytes'Ant-Malware should NOT be booting up with the computer, real … |
| | Hi andynov123, welcome to daniweb. You need to follow all of the steps given on our Read Me Sticky and post back here with all the requested logs. [url]http://www.daniweb.com/hardware-and-software/microsoft-windows/viruses-spyware-and-other-nasties/threads/134865[/url] |
| | [QUOTE=justo0;1552242]i think AVG, Kaspersky and NORTON are all good~~[/QUOTE] This thread is over 5 years old and dead. |
 | Normally all three of those files are legal files, avwsc.exe is from Avira Antivirus program, wscntfy.exe is the security notification file and rundll32.exe executable is a valid part of Windows, and normally shouldn’t be a threat. That is not to say that any or all "could" be infection but they … |
| | [B][COLOR="Green"]Please read carefully and follow these steps.[/COLOR][/B] Download [B][URL="http://support.kaspersky.com/downloads/utils/tdsskiller.zip"]TDSSKiller[/URL][/B] and save it to your Desktop. Extract its contents to your desktop. Once extracted, open the TDSSKiller folder and doubleclick on [B]TDSSKiller.exe[/B] to run the application, then on Start Scan. If an infected file is detected, the default action will be … |
| | [QUOTE=tje210;1496138]+1 to renan. this is why frequent backups, frequent virus scans, and intelligent web browsing are necessary. don't be too attached to your current OS install... you should always be willing to reformat your HDD and reinstall. destruction and reconstruction are always faster and more satisfying than repair.[/QUOTE] Encouraging reformat … |
 | Don't know where you got mbam_rules.exe, that doesn't appear to be a current file. The manual update file can be found Here [url]http://malwarebytes.gt500.org/[/url] But for the moment see if you can do the following without the manual update. Also, for the moment, only try using either IE or Firefox since … |
| | It is just a warning from this test version that you may not be able to fix a Host Hijack using the HiJackThis program and will have to do this manually. Don't worry about this, there is no indication that the Hosts file needs fixing. |
 | First of all Uninstall that Exterminate It program. It is malware itself! It's own website is known to contain malicious content. Kaspersky blocks the download of the program itself. Uninstall this program and follow the steps given in our Read Me Sticky.[url]http://www.daniweb.com/hardware-and-software/microsoft-windows/viruses-spyware-and-other-nasties/threads/134865[/url] |
| | Rik forgot to post the link to the Read Me Sticky, here it is, please follow the instructions there and post all your logs here in this thread. [url]http://www.daniweb.com/hardware-and-software/microsoft-windows/viruses-spyware-and-other-nasties/threads/134865[/url] |
 | You ARE aware I hope that you have posted your actual name, if this IS your actual name, in your thread on a public, open forum. I have edited your post and removed it. You say in your post "(I always use my Orignal name "xxxxxx" while Subscribing newsletters or … |
| | Hi Feb20, first of all you say you are running TWO anti-virus programs, so your protection is cut way down. The absolute rule is ONE anti-virus program and ONE firewall should be run on a computer, never more. Sounds like you have one of the Fake Alert infections, which anti-virus … |
| | [QUOTE=alicaa;1543413]Hello, This is really not good, i think this is major problem and i think you are using trial version of anti-virus that's why this problem occurs so please install any good anti-virus then try to solve this problem.i will also try to get some good information about it. good … |
| | [QUOTE=striker_1;1542030]Firstly, Thanks for reply. The steps that you told us are "[B]Must need to be taken[/B]" steps. I would personally recommend to all users of XP (Not just Xp, But Vista ,7 and Linux users too)to backup their OS> if they dont want to buy a new HDD so Instead … |
| | Try the following steps. Boot to Safe Mode with Networking if possible. Go to this download page link [url]http://www.bleepingcomputer.com/download/anti-virus/rkill[/url] When at the download page, click on the Download Now button labeled [B]iExplore.exe[/B] download link. When you are prompted where to save it, please save it on your desktop. Once it … |
| | We have to see least a log from MBA-M. Using your iPod is doing nothing but putting it at risk. Personally I would never use it again on another computer until it is wiped clean. |
| | You have a Rootkit on the system. Please read carefully and follow these steps. * Download [B]TDSSKiller[/B] and save it to your Desktop. [url]http://support.kaspersky.com/downloads/utils/tdsskiller.zip[/url] * Extract its contents to your desktop. * Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan. … |
| | I apologize for us missing your thread. We have few helpers here and all are volunteers and occasionally that happens. I know it doesn't help just trying to explain.Unless tools can be installed onto the computer using either Safe Mode with Networking or via a CD/DVD disk, USB drive or … |
The End.