Tech Problem Aggregator

System Progressive Protection malware

Q: System Progressive Protection malware

I think my laptop is infected by the System progressive protection malware. Whenever I turn on the laptop, window will hange at the booting stage without reaching to the desktop page.

To reach to the desktop page successfully, I need to boot window in safe mode and select start window normally option. Once window is at the desktop page, program name "system progressive protection" will do the scanning automatically and listed out several infected files on my laptop. All the programs that I try to execute are prohibited by this malware.

I am very grateful for your help to solve this problem. I have done the HijackThis, DDS, and GMER scanning. Please see below log files. Thank you.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:06:49 PM, on 12/28/2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\Explorer.exe
C:\Windows\system32\ctfmon.exe
C:\Users\Windows 7\Desktop\HijackThis.exe
C:\Windows\system32\wbem\wmiprvse.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Windows 7 Starter Helper - {D381FF29-7CFB-4D4E-B92A-C4EDDC696614} - C:\Program Files\Oceanis\SystemSetting\StarterHelper.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [StormCodec_Helper] "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{80FF17E2-C853-4D55-BF44-2D2602592757}: NameServer = 202.188.1.5,202.188.0.133
O18 - Protocol: mbox - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
O18 - Protocol: mboxflash - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (file missing)
O23 - Service: ESET Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (file missing)
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

--
End of file - 5398 bytes
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01).
Microsoft Windows 7 Starter
Boot Device: \Device\HarddiskVolume1
Install Date: 9/5/2011 2:24:52 PM
System Uptime: 12/28/2012 9:04:53 PM (0 hours ago)
.
Motherboard: Hewlett-Packard | | 148A
Processor: Intel(R) Atom(TM) CPU N475 @ 1.83GHz | CPU | 1828/667mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 98 GiB total, 55.666 GiB free.
D: is FIXED (NTFS) - 200 GiB total, 200.268 GiB free.
E: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer:
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Flash Player 9 ActiveX
Adobe Reader 9
Angry Birds
Angry Birds Rio
Angry Birds Seasons
CyberLink PowerDVD 9
D3DX10
DivX Pro 视频编解码器
Google Chrome
HP Quick Launch Buttons
Intel(R) Graphics Media Accelerator Driver
Junk Mail filter update
Mesh Runtime
Messenger Companion
Microsoft Application Error Reporting
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Mozilla Firefox 5.0 (x86 en-US)
MSVCRT
Oceanis Change Background Windows 7
QLBCASL
QQ影音2.9
Realtek Ethernet Controller Driver For Windows 7
Realtek PCIE Card Reader
Skype Toolbars
Skype? 4.2
Spybot - Search & Destroy
Starter Background Changer 1.4
Storm Codec
Synaptics Pointing Device Driver
UltraISO Premium V9.36
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR archiver
搜狗拼音输入法 6.2正式版
酷我音乐盒 2010
.
==== Event Viewer Messages From Past Week ========
.
12/28/2012 9:05:32 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
12/28/2012 9:05:32 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
12/28/2012 9:05:29 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/28/2012 9:05:22 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
12/28/2012 9:05:21 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom discache spldr Wanarpv6
12/28/2012 9:05:21 PM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.
12/28/2012 8:21:03 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom
12/28/2012 8:20:39 PM, Error: Service Control Manager [7000] - The ESET Service service failed to start due to the following error: The system cannot find the file specified.
12/28/2012 8:17:39 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect.
12/28/2012 8:17:39 PM, Error: Service Control Manager [7000] - The Software Protection service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/28/2012 8:16:14 PM, Error: Service Control Manager [7000] - The Windows Live ID Sign-in Assistant service failed to start due to the following error: The pipe has been ended.
12/28/2012 8:16:04 PM, Error: Service Control Manager [7034] - The Application Virtualization Client service terminated unexpectedly. It has done this 1 time(s).
12/28/2012 8:16:02 PM, Error: Service Control Manager [7034] - The hpqwmiex service terminated unexpectedly. It has done this 1 time(s).
12/28/2012 8:16:02 PM, Error: Service Control Manager [7034] - The Com4QLBEx service terminated unexpectedly. It has done this 1 time(s).
12/28/2012 8:16:02 PM, Error: Service Control Manager [7034] - The Client Virtualization Handler service terminated unexpectedly. It has done this 1 time(s).
12/28/2012 8:16:02 PM, Error: Service Control Manager [7034] - The Application Virtualization Service Agent service terminated unexpectedly. It has done this 1 time(s).
12/28/2012 8:16:02 PM, Error: Service Control Manager [7031] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
12/27/2012 12:43:34 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Live ID Sign-in Assistant service to connect.
12/27/2012 12:43:34 AM, Error: Service Control Manager [7000] - The Windows Live ID Sign-in Assistant service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/27/2012 12:40:20 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
12/27/2012 12:21:41 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
12/27/2012 12:21:41 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
12/27/2012 12:21:24 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD cdrom DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf
12/27/2012 12:21:23 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
12/27/2012 12:21:23 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
12/27/2012 12:21:23 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
12/27/2012 12:21:23 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
12/27/2012 12:21:23 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
12/27/2012 12:21:23 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
12/27/2012 12:21:23 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
12/27/2012 12:21:23 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
12/27/2012 12:21:23 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
12/27/2012 12:21:23 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
12/26/2012 9:31:56 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.
12/26/2012 11:51:45 PM, Error: Service Control Manager [7034] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 4 time(s).
12/26/2012 11:51:42 PM, Error: Service Control Manager [7034] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 3 time(s).
12/26/2012 11:51:31 PM, Error: Service Control Manager [7031] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
.
==== End Of File ===========================

DDS (Ver_2012-11-20.01) - NTFS_x86 NETWORK
Internet Explorer: 8.0.7600.16385
Run by Windows 7 at 21:38:05 on 2012-12-28
Microsoft Windows 7 Starter 6.1.7600.0.936.86.1033.18.1012.552 [GMT 8:00]
.
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\Explorer.exe
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
.
============== Pseudo HJT Report ===============
.
uWinlogon: Shell = c:\program files\oceanis\systemsetting\WallPaperAgent.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll
BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Windows 7 Starter Helper: {D381FF29-7CFB-4D4E-B92A-C4EDDC696614} - c:\program files\oceanis\systemsetting\StarterHelper.dll
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [QlbCtrl.exe] c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start
mRun: [StormCodec_Helper] "c:\program files\ringz studio\storm codec\StormSet.exe" /S /opti
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [RemoteControl9] "c:\program files\cyberlink\powerdvd9\PDVD9Serv.exe"
mRun: [PDVD9LanguageShortcut] "c:\program files\cyberlink\powerdvd9\language\Language.exe"
mRun: [BDRegion] c:\program files\cyberlink\shared files\brs.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
uPolicies-Explorer: HideSCAHealth = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: Interfaces\{80FF17E2-C853-4D55-BF44-2D2602592757} : NameServer = 202.188.1.5,202.188.0.133
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\windows 7\appdata\roaming\mozilla\firefox\profiles\b4c0h0nh.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2697549&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - 85Play_Games Customized Web Search
FF - prefs.js: browser.startup.homepage - www.google.com
FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\filmfanaticei\installr\1.bin\NPpaEISb.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.50401.0\npctrlui.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
.
============= SERVICES / DRIVERS ===============
.
R3 netr28;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\drivers\netr28.sys [2009-6-11 530944]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2012-4-16 267880]
S2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2011/09/05 17:14:17];c:\program files\cyberlink\powerdvd9\000.fcl [2009-2-28 87536]
S2 cvhsvc;Client Virtualization Handler;c:\program files\common files\microsoft shared\virtualization handler\CVHSVC.EXE [2010-2-28 821664]
S2 ekrn;ESET Service;"c:\program files\eset\eset nod32 antivirus\ekrn.exe" --> c:\program files\eset\eset nod32 antivirus\ekrn.exe [?]
S2 sftlist;Application Virtualization Client;c:\program files\microsoft application virtualization client\sftlist.exe [2009-12-2 483688]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 btmhsf;btmhsf;c:\windows\system32\drivers\btmhsf.sys [2011-7-19 225280]
S3 Com4QLBEx;Com4QLBEx;c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2011-9-5 227896]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2011-9-5 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\drivers\iBtFltCoex.sys [2011-7-20 47104]
S3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\drivers\netr28u.sys [2009-6-11 657408]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\drivers\RtsPStor.sys [2011-9-5 228896]
S3 Sftfs;Sftfs;c:\windows\system32\drivers\Sftfslh.sys [2009-12-2 550760]
S3 Sftplay;Sftplay;c:\windows\system32\drivers\Sftplaylh.sys [2009-12-2 195944]
S3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirlh.sys [2009-12-2 21864]
S3 Sftvol;Sftvol;c:\windows\system32\drivers\Sftvollh.sys [2009-12-2 19304]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\microsoft application virtualization client\sftvsa.exe [2009-12-2 209768]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== Created Last 30 ================
.
2012-12-26 15:44:03 -------- d-----w- c:\programdata\702DDA846C177A390000702D6A5E81B9
.
==================== Find3M ====================
.
.
============= FINISH: 21:38:20.66 ===============


GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-12-28 21:37:20
Windows 6.1.7600 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST320LT022-1AE142 rev.0001EXM1
Running: iqe3rbkr.exe; Driver: C:\Users\WINDOW~1\AppData\Local\Temp\fglyikob.sys
---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 81A88579 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 81AACF52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
? C:\Users\WINDOW~1\AppData\Local\Temp\mbr.sys The system cannot find the file specified. !

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)

Device \Driver\ACPI_HAL \Device\00000048 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\74f06dae1ddc
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\[email protected] 0x01 0x72 0xD9 0x81 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\74f06dae1ddc (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\[email protected] 0x01 0x72 0xD9 0x81 ...

---- EOF - GMER 1.0.15 ----

A: System Progressive Protection malware

16 more replies
Answer Match 103.74%

Hello Experts,I have win 7 and installed Microsoft Security Essential (MSE) with latest updates. System Progressive Protection (Malware) showed up and hijacked my computer. My windows firewall is ON. I am wondering, how does this malware come into my system and changed folders/registry. How did MSE allow to make such changes? As I googled, there are suggestion to install additional antivirus software. Is it necessary to go in that direction? Thanks in advance.

A:System Progressive Protection - Malware

Welcome RIMD... Please follow our guide System Progressive Protection Removal Guide Post the log and tell us how it isThe log is automatically saved and can be viewed by clicking the Logs tab.Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.

1 more replies
Answer Match 102.9%

Hey All,

I have the System Progressive protection Malware Issue.

I have shut down the main portion of this malware and I'm just waiting on the additional cleanup.

Thanks,
Cnon

A:I have the System Progressive protection Malware Issue

I'm clean now, would it be ok the link the guide I used?

Cnon

8 more replies
Answer Match 98.7%

First of all - thank you for your dedication to people like me!
I followed the removal instructions but then has a black screen when restarting my computer. Computer woks in safe mode.
I have done a Windows startup repair but it cannot be completed, I get the message that unspecified changes to system configuration might have caused the problem. Error code 0x490.
Also get Boot/BCD failed.
I have restored the computer and can work on it in normal mode. I still see the little lock of the Malware on my taskbar.
I have also purchased Advanced System Care to assist but I get no joy...
It seems like removal of the Malware also removes some system registry files but I am no expert.

Please, please help me!

A:Uninstall of System Progressive Protection Malware creates registery files problems

Please do the following:Please download DDS from either of these linksLINK 1 LINK 2and save it to your desktop.Disable any script blocking protection Double click dds to run the tool. When done, two DDS.txt's will open. Save both reports to your desktop.---------------------------------------------------Please include the contents of the following in your next reply:DDS.txtAttach.txt. NEXTPlease download aswMBR to your desktop.Double click the aswMBR.exe icon to run itWhen asked if you want to download Avast's virus definitions please select Yes.Click the Scan button to start the scanOn completion of the scan, click the save log button, save it to your desktop and post it in your next reply.You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well

40 more replies
Answer Match 91.14%

My system, XP Ser Pk 3, was infected by malware called "System Progressive Protection". I understand that this malware belongs to the Winwebsec family of rogue security products. It blocks its victims from accessing any other application on an infected machine. It would only allow access to IE, presumeably for paying the fee to clear it.
Unfortunately I contracted for a one-time-fix to be carried out by MYTECHGURUS. At their request I booted into Safe+Network mode and then watched as the downloaded a single anti-malware prog, MalwareBytes, and ran that. They then unloaded my installed Microsoft Security Essentials, which would not respond, re-installed it, updated it, and ran a Quick scan. They then declared my computer to be ok!!

Shortly afterwards I discovered that Security Essentials will not update. The pop-up says:
"Virus and Spyware definitions update failed.
Check Internet and Network connections and try again.
Error code: 0x80070424"
Other computers on the home wireless network Update without a problem and prior to this issue there was not a problem on this box.

The only way that I can update Essentials is by uninstalling and reinstalling. It will then update but following that update the error message recurs on the next attempt.

Also when I attempt to check if Windows Firewall is on by Run Firewall.cpl I get the message:
"Due to an unidentified problem, Windows cannot display Firewall settings"

I no longer trust the machine and would... Read more

A:After effects of malware "System Progressive Protection"?

16 more replies
Answer Match 86.94%

After reading your website I am sure I have System Progressive protection. I read the user guide written by Lawrence Abrams and have tried it a couple of times. I am using windows XP. I have followed the steps each time, but it does not seem to work. I boot into safe mode and then download one of the RKill downloads and it does it's thing and then posts a report on my desk top. Each time I have attempted to remove the vius/worm I have tried a different version of RKill. So then I move on to scanning my computer. I use Microsoft Security Essentials. I have run full scan twice and found and removed "unwanted software". Then when I have removed it I am prompted to "restart" the computer to let changes take effect. When it boots back up in normal mode the System Progressive Protection thing pops up again and obviously I did not get rid of it. I would guess one of two things is going on. Either it is not stopping the virus when I run RKill or I am rebooting back into normal mode and I should not be doing that. What should I do? With this description can you tell what I might be doing wrong? I know this is not a really serious problem but I would prefer to get rid of it. I am so close to fixing this issue but I can't seem to completely get rid of this thing. Please help. By the way. Thanks for the site. You all do wonderful work here. Thanks again. Looking forward to hearing from someone.

A:System Progressive Protection

Can anyone help me with the issue I am having? Thanks.

5 more replies
Answer Match 86.94%

Helloes
Pz say to me how to remove the System Progressive Protection which I was attacked by him.....Thnx

A:system progressive protection 3.7.17

Hello nrimawi.

Please follow these instructions closely here at this site.
System Progressive Protection Removal Guide <-Let me know if you cannot go to that site.

Post back with any questions and to let us know how things are going.

1 more replies
Answer Match 86.94%

I am running Windows XP using Firefox. I got the System Progressive Protection virus. I ran Malwarebytes and can use the computer now but "iexplore.exe" is still running in the background. Also, Microsoft Security Essentials pops up every few minutes with a "Detected threats are being cleaned" message. What do I do now?
Thanks, in advance.

A:System Progressive Protection

Welcome aboard Download Security Check from HERE, and save it to your Desktop. * Double-click SecurityCheck.exe * Follow the onscreen instructions inside of the black box. * A Notepad document should open automatically called checkup.txt; please post the contents of that document.=============================================================================Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply.====================================================================================Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeClick Go and post the result.=============================================================================Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop. * Double-click mbam-setup.exe and follow the prompts to install the program. * At the end, be sure a checkmark is placed next t... Read more

1 more replies
Answer Match 86.1%

Hi,
I got the System Progressive Protection a couple weeks ago, but have had only a little of time to work on fixing it since then. I have kept my computer off for much of that time, only when trying to fix it.

I am not sure if my trend micro didn't find it or the virus was not allowing it to find anything. I immediately went to safe mode and downloaded Malewarebytes and started scanning. It found quite a few files. I continued removing them. Then I rebooted. When starting, my computer would freeze after getting to the home screen. So I would go back to safe mode and rerun malwarebytes only to find a file again. I did this a few times with same result thinking the virus was somehow reinstalling itself on startup. Then finally no files were found. So I restarted and the computer still froze. I then realized that I was running two virus programs, Trend Micro and Malwarebytes and thought maybe they were interfering with each other. So I uninstalled Malwarebytes and restarted. My computer has not frozen since. I ran a full scan using Trend Micro and got a list of things that it has found and deleted or quarantined. I am wondering how I know if I have fully and successfully removed everything I need to from my computer and am ok to use like normal.
Any help is much appreciated.

Thanks.

----------------------

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by Jason at 10:55:40 on 2012-12-09
#Option Extended Search is enabled.
Micros... Read more

A:System Progressive Protection - am I clean

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.===Please download ComboFix from one of these locations:Link 1Link 2* IMPORTANT !!! Save ComboFix.exe to your DesktopDisable your Anti-Virus and Anti-Spyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
Close any open browsers, and all other programs working. Make sure you save your file if working on a document.
Do not install any other programs until this if fixed.[/b]
Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
Some Rookit infection may damage your boot sector. The Windows Recovery Console may be needed to restore it. Do not bypass... Read more

11 more replies
Answer Match 86.1%

I am running Windows XP. Yesterday I got the "System Progressive Protection" virus. I used Malwarebytes to remove it and I can now use the computer but I have "iexplore.exe" running all the time. I tried to delete it in the Task Manager but it pops back up immediately. Also, I am using MSE and it now pops up every few minutes with a "Detected threats are being cleaned" message.
What do I do now?
I have attached the files I believe will be needed.
Thanks in advance.
 

More replies
Answer Match 86.1%

my computer was infected by Rogue "System Progressive Protection"
but it was protected by my NOD32 antivirus.
therefore some of it left on my computer eg. it's icon and some file without extension
on my C:\Documents and Settings\All Users\Application Data\(random number)

i am not sure that my computer is slower than before or not!!

i attached hijack this log file along with my post..
please help me to check is my computer still in good condition or not??...
Many thanks in advance
===============================================================================
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:22:37, on 3/11/2555
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Lenovo\Bluetooth Software\... Read more

A:infected with System Progressive Protection

Hi jackoff

I will be handling your log to help you get cleaned up. Please give me some time to look it over and I will get back to you as soon as possible.

White Warrior

6 more replies
Answer Match 86.1%

Hello,

My computer was recently infected by System Progressive Protection virus, which I removed using RKill and Malwarebytes Anti-Malware. In the process, the Antimalware detected and removed several Trojans and Rogues. How do I ensure that my computer is not infected? Any suggestions on additional scans that can be performed?

Thank you so much.

A:System Progressive Protection Virus

Download Security Check from HERE, and save it to your Desktop. * Double-click SecurityCheck.exe * Follow the onscreen instructions inside of the black box. * A Notepad document should open automatically called checkup.txt; please post the contents of that document.=============================================================================Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply.====================================================================================Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeClick Go and post the result.=============================================================================Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop. * Double-click mbam-setup.exe and follow the prompts to install the program. * At the end, be sure a checkmark is placed next to Update Malwar... Read more

12 more replies
Answer Match 85.26%

Had System progressive protection malware
ran Rkill, malwarebytes, and PSIS. Now I am getting a message that says

The Recycle Bin on C:\ is corrupted. Do you want to empty the Recycle Bin for this drive?

I said yes at first and when it said there were over 700 files I stopped it. Rebooted and got it again, this time I said no and tried to open the Recycle bin to view the files and it wouldnt let me.

Any suggestions????

Thanks,

A:malwarebytes removed system progressive protection

Hello,I will be helping you with your problems. Please be patient while I assist you.Some points for you to keep in mind while I am helping you to make things go easier and faster for both of us Please do NOT run, install or uninstall any programs, unless instructed to do so.
We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability. Please do not attach logs or use code boxes, just copy and paste the text.
Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post. Please read every post completely before doing anything.
Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process. Please provide feedback about your experience as we go.
A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At the top of your post, click on the Watch Topic Butt... Read more

1 more replies
Answer Match 85.26%

HelloI have a Sonay Vaio running Vista 32bitI had the System Progressive Protection on my laptop and ran rkill and MBAM and cleaned it.After that i lost use of my laptops keyboard and mouse but the USB keyboard/mouse work.I tried many thing with no success and have now restored all the files found by MBAM and now back to square one and realize i'm in over my head and need some help.Windows Update will not run as well as other servicesMS Security Essentials was on it but was getting errors so i uninstalled itMy Recylc Bin says it's corrupted as well.Here is the log from my most recent Rkill being ran in safemode and MBAMPlease Help!Rkill 2.4.3 by Lawrence Abrams (Grinler)http://www.bleepingcomputer.com/Copyright 2008-2012 BleepingComputer.comMore Information about Rkill can be found at this link: http://www.bleepingcomputer.com/forums/topic308364.htmlProgram started at: 10/01/2012 08:46:02 PM in x86 mode.Windows Version: Windows Vista ™ Home Premium Service Pack 2Checking for Windows services to stop: * No malware services found to stop.Checking for processes to terminate: * No malware processes found to kill.Checking Registry for malware related settings: * No issues found in the Registry.Resetting .EXE, .COM, & .BAT associations in the Windows Registry.Performing miscellaneous checks: * ALERT: ZEROACCESS rootkit symptoms found! * HKEY_CLASSES_ROOT\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32 [ZA Reg Hijack] * HKE... Read more

A:Zeroaccess Rootkit and System Progressive Protection

Greetings and Welcome to The Forums!!My name is Gringo and I'll be glad to help you with your computer problems. I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of usPlease do not run any tools unless instructed to do so.
We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.
Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.
Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.
A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At... Read more

22 more replies
Answer Match 85.26%

System Progressive Protection is a rogue security software which will report that malware has been detected on your computer in an attempt to scare you into buying this malicious software.
In reality, none of the reported issues are real, and are only used to scare you into buying System Progressive Protection and stealing your personal financial information.

As part of its self-defense mechanism,System Progressive Protection has installed a rootkit on your computer,which will disable the Windows Task Manager and will block you from running any program that could lead to its removal.

System Progressive Protection is a scam and you should ignore any alerts that this malicious software might generate.
Under no circumstance should you buy this rogue security software as this could lead to identity theft,and if you have, you should contact your credit card company and dispute the charge stating that the program is a scam and a computer virus.
Removal instructions for System Progressive Protection virus​This is a self-help guide, use at your own risk.
If you experience problems completing this guide, or the problem persists after following the instructions below or would like to have one of our staff members guide you through the process, please start a new thread in our Malware Removal Assistance forum.
STEP 1 : Start your computer in Safe Mode with Networking

Remove all floppy disks, CDs, and DVDs from your computer, and then restart your computer.

Press and hold the F... Read more

More replies
Answer Match 84.42%

Hi all,

The other day I turned on to find malware on my computer - a fake antivirus called System Progressive Protection.

I have since:

- deleted the files from their origin folders
- ran the computer in safe mode
- run Rkill
- run malware bytes (having first updated)
- run hitman
- deleted all cookies and temporary internet files
- emptied my recycle bin

When I boot my computer in normal mode I get the message:

"recycle bin is corrupted" and I think it then asks if I want to empty it.

System progressive protection seems to have gone but i still have internet re-routing malware going - seekportal and doublee-click.net for example. These won't go no matter what I do.

In my task manager processes, something called atieclxx.exe is running, which I've read could be malware.

When I go back into safe mode and run malwarebytes, it doesn't pick anything up.

If somebody could please help me, then I'd be hugely appreciative.

Thanks,

Trevor

A:System Progressive Protection, Seekportal, Doublee-click.net

Oh, I've also made sure that in my LAN settings I do not have ticked "use a proxy server".

23 more replies
Answer Match 69.72%

Dell laptop, windows 7. Progressive protection virus shows up. It only had about 20 minutes to get the infection started when the computer came to me. Could not get programs to open. I started in safe mode. Did a system restore. Scanned with MSSE. All looks good. Is it gone or will it come back ?? I can get MWB on it tomorrow, if needed.
THANKS

A:[SOLVED] progressive protection virus windows 7

I just scanned with MWB. All clean. Must have gotten lucky, thats a nasty virus.

5 more replies
Answer Match 60.9%

I've already started the process with tetonbob through PM since my system wouldn't allow me to create a thread. I'll just post everything here in order, if it works.

A:Search Redirect Malware and progressive errors

Here is my initial problem with first step files.





Whenever I click on search results from different engines, some of the results will redirect me to things I don't want. I will do it many times before giving me the site I want. In the past, it would redirect via tru01.... now it is qo1q... or something. Mostly it sends me to sites of ......com/search with a favicon that is a stylish blue/green looped 2. On rare occasions, while the browser is open for a while, it will create a new window popup with different addresses like directdr with a green lon/lat atlas favicon.

I did have norton internet on the system but it has expired so I removed it. I've run malware bytes, spybot, superanti-spyware, ccleaner and avast. They sometimes found things but it never fixed the issue. Avast's active protection blocks somethings from time to time but doesn't stop all of it. The problem occurs on both firefox and IE, I don't use IE much but at one point my firefox stopped working. Chrome opens but won't load any sites. Superanti, ccleaner, and avast were all loaded after infection. Sometimes I get "General Host Process Win32" or something errors followed by the window and task bar style going plain brown. My volume controls don't work anymore. Sometimes one of my svchost.exe processes will spike to 99% and stick for a while. Java and Adobe have both been updated recently. In extreme instances, the computer slows to a halt and won't load anything and won't shut down with... Read more

15 more replies
Answer Match 60.48%

Pretty much any form of antivirus/antispyware programs that are installed have stopped working (IE: malwarebytes, spybot, HiJack This, and Panda) and wheni click some of them it says, "Application cannot be executed. The file is infected. The file is infected. Please activate your antivirus software."

Task manager also does not seem to work and gives the above error message. I also get some popups related to Protection System.

The DDS program/logger didn't work and also gave the above error; however, I was able to get a RootRepeal log and have attached it.

Thanks for your time.

A:very bad "Protection System" Malware

Hello! My name is Sam and I will be helping you. In order to see what's going on with your computer I will ask for you to post various logs from the tools that we will use to resolve your issue. Please also share with me any information about how your computer is reacting and behaving each step of the way as we work through this process.Please download and run Win32kDiag: Download Win32kDiag from any of the following locations and save it to your Desktop. Download Win32kDiag (Win32kDiag.exe) - #1 Download Win32kDiag (Win32kDiag.exe) - #2 Download Win32kDiag (Win32kDiag.exe) - #3 Double-click Win32kDiag.exe to run Win32kDiag and let it finish. When it states "Finished! Press any key to exit...", press any key on your keyboard to close the program. Double-click on the Win32kDiag.txt file that is located on your Desktop and post the entire contents of that log as a reply to this topic.Download and run a batch file (peek.bat): Download peek.bat from the download link below and save it to your Desktop.Download peek.bat Double-click peek.bat to run it.A black Command Prompt window will appear shortly: the program is running. Once it is finished, copy and paste the entire contents of the Log.txt file it creates as a reply to this post.==========Please post the following logs in your next reply:* Win32kDiag.txt* Log.txt

27 more replies
Answer Match 60.48%

I have this annoying system protection malware and also maybe, I don't know for sure one that keeps redirecting me everywhere else. I have already used 3 different programs spybot and windows malware remover. I also used combofix and I already have the Log ready. I'm pretty technical savy so I hope that helps you. ComboFix 11-07-17.03 - jessie 07/17/2011 15:20:48.1.2 - x86Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3317.2098 [GMT -7:00]Running from: c:\users\jessie\Desktop\ComboFix.exeSP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..c:\programdata\defender.exe..((((((((((((((((((((((((( Files Created from 2011-06-17 to 2011-07-17 )))))))))))))))))))))))))))))))..2011-07-17 22:50 . 2011-07-17 22:52 -------- d-----w- c:\users\jessie\AppData\Local\temp2011-07-17 22:50 . 2011-07-17 22:50 -------- d-----w- c:\users\Default\AppData\Local\temp2011-07-17 22:50 . 2011-07-17 22:50 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp2011-07-17 22:16 . 2011-07-17 22:16 -------- d-----w- c:\windows\system32\MpEngineStore2011-07-16 20:50 . 2011-06-20 15:57 7074640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates&#... Read more

A:Malware system protection one

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

3 more replies
Answer Match 60.48%

Here is my log:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 8:44:04 PM, on 6/30/2009Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exec:\Program Files\Common Files\Symantec Shared\ccProxy.exec:\Program Files\Common Files\Symantec Shared\ccSetMgr.exec:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exec:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSched.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\WINDOWS\system32\HPZipm12.exec:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\dllhost.exeC:\WINDOWS\system32\ctfmon.exeC:\WINDOWS\system32\wuauclt.exeC:\WINDOWS\ehome\ehtray.exeC:\Program Files\Java\jre1.5.0\bin\jusched.exeC:\windows\system\hps... Read more

A:Protection System Malware

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

2 more replies
Answer Match 60.06%

Hi, all. First, thank you for everything you do. I've come to this site a couple of times over the years and everyone has been incredibly helpful. I really appreciate it.

Now I come once again with a malware issue. I thought Spyware Doctor had gotten rid of all of Protection System, but it seems there are still residual traces wreaking havoc. I can hear different programs clicking on & off in the background, but nothing shows up in task manager. Spyware Doctor is finding a new Trojan or spyware about once an hour. Firefox Google Search doesn't seem to work and when I go to Google directly, I'm sometimes redirected to a different site & another Google tab opens up. When I reboot, I get half a dozen of memory errors.

I ran DDS, but GMER just would not run at all. I can download the zip file, but the program itself just won't initiate an install. I have the same issue with MalwareBytes--it seems something is preventing these programs from loading.

If you have any insight as to what is going on, I'd appreciate any sage advice you have to offer. Thank you.

DDS.txt:


DDS (Ver_09-06-26.01) - NTFSx86
Run by Brigid Fitch at 19:22:51.92 on Mon 07/13/2009
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.313 [GMT -4:00]

AV: Spyware Doctor with AntiVirus *On-access scanning enabled* (Updated) {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}
AV: Protection System *On-access sc... Read more

A:Infected with Protection System malware

hi.

Let run your gmer in a different way. Follow the instructions below;

If you have the gmer.exe now, delete it please.

Redownload GMER from here:
http://www.gmer.net/files.php

Unzip it to the desktop.

---------------------------------
Open Notepad and copy/paste the contents in the code box below, into Notepad.

Code:
@copy /y gmer.exe gamer.exe
@Start gamer.exe -protect
Save this as kyrie.bat Choose to "Save type as - All Files"

It should look like this:

Place the batch next to gmer & double click kyrie.bat to launch it.

--------------------------------------------------------------------------

When the program opens and click on the Rootkit tab.
Make sure all the boxes on the right of the screen are checked, EXCEPT for 'Show All'.
Click on Scan.
Once done click on the [Save..] button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.
Save it where you can easily find it, such as your desktop.
Attach that ARK.txt in your next reply.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries

Mark

19 more replies
Answer Match 60.06%

I was surfing the internet and all of a sudden this protection system prompt popped up. I thought it was a legitimate windows prompt and thus clicked on it. It seems to have installed itself into my computer and has shut off my legitimate anti virus software. The Protection System program slows down my computer and it sometimes makes my screen go black and pops up with a prompt asking me to download more anti virus software. Sometimes it gets really bad with the pop ups and it doesn't allow me to do anything. I tried to download malwarebytes in order to solve this problem. I installed it successfully however, the protection system doesn't allow me to run malwarebytes. Same goes for my McAfee AV. Both are installed and neither one is allowed to run. Hope you guys can help with this problem. Thanks

A:Infected with Protection System Malware

We have a self-help area for removing common malware. Please see the tutorial How to remove Protection SystemWhen done, click the Logs tab and copy/paste the contents of the new report in your next reply.Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

3 more replies
Answer Match 59.22%

Laptop just got hit with this. Window opens stating its Malware Protection and starts running a scan, when I try to run or do anything else I get a pop up window saying app cant start infected with W32/Blaster.worm please activate malware protection. Also shows a sheild in the tray. Help me please.

More replies
Answer Match 59.22%

Hi, all. First, thank you for everything you do. I've come to this site a couple of times over the years and your advice has been incredibly helpful. I really appreciate it.
Now I have my own problem with a malware issue. My computer has become disabled. It boots to the desktop, but I cannot access anything with my mouse, and when I place the cursor in the taskbar, the hourglass icon appears. Sometimes the Protection System window would appear trying to tell me about some fake virus problems and to do an install.
I was able to delete any mention of Protection System from the registry through safe mode with command prompt, then regedit. That removed the Protection System screen from startup, but I still can't run any scans to send to you for review. Nothing works! I have to unplug the machine to turn it off!
Is there any other way to access scan programs to get this fixed?
I am running Windows XP with I believe Service Pack 3.

A:Protection System malware wreaking havoc

Bump, please!

Please help! I am still having trouble with this nasty malware one week later.

1 more replies
Answer Match 57.54%

Hi, as you can see by my Topic title, I am ready to tear my hair out trying to get this computer back to normal so any help would be GREATLY appriciated. My computer seems to be infected with a rogue anti-virus called Protection System, and it causes fake Windows Security Alerts to pop up every so often with claims that my computer is infected. Most forums I go to tell me that people who have this Malware can't search for help on Google, this is true in my case to a certain degree. Before EVERY link on Google I clicked made a pop up coming up, leading to some AD website called windowsupdate.com or something like that, but now it doesnt do that, but some websites are blocked and I find ways around them. On top of that after a couple of hours or so depending on the time, a system shutdown will start to countdown. Now most times I can avert this by simply clicking cancel whenever the task manager pop ups start occuring telling me to End Now and stuff, but sometimes it goes through. Also sometimes i'll get a process called IEXPLORE.EXE which I know isn't the REAL iexplore.exe because 1 it's UPPER CASE and 2 I use Opera, and the IEXPLORE.EXE will play random audio clips of commercials and scenes and stuff like that and I have to end the processes from the Task Manager. Also I have weird processes like: wscsvc32.exe, g106p.exe, freddy41.exe etc etc. I downloaded Malwarebytes but I had to save it and run it from my external hard drive because if i save it on my normal hard drive it ... Read more

A:HELP!! PROTECTION SYSTEM ROGUE ANTI-VIRUS MALWARE MAKING ME INSANE!!!

Also here is my Malwarebytes LOG as well:Malwarebytes' Anti-Malware 1.38Database version: 2297Windows 5.1.2600 Service Pack 26/26/2009 3:15:19 AMmbam-log-2009-06-26 (03-15-19).txtScan type: Quick ScanObjects scanned: 116506Time elapsed: 14 minute(s), 27 second(s)Memory Processes Infected: 3Memory Modules Infected: 0Registry Keys Infected: 11Registry Values Infected: 8Registry Data Items Infected: 0Folders Infected: 5Files Infected: 43Memory Processes Infected:C:\WINDOWS\freddy47.exe (Worm.KoobFace) -> Unloaded process successfully.C:\WINDOWS\system32\reader_s.exe (Trojan.Agent) -> Unloaded process successfully.C:\Documents and Settings\Compaq_Owner\reader_s.exe (Trojan.Agent) -> Unloaded process successfully.Memory Modules Infected:(No malicious items detected)Registry Keys Infected:HKEY_CLASSES_ROOT\CLSID\{b2c7b2a1-00f3-42bd-f434-00aaba2c8952} (Trojan.Ertfor) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b2c7b2a1-00f3-42bd-f434-00aaba2c8952} (Trojan.Ertfor) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b2c7b2a1-00f3-42bd-f434-00aaba2c8952} (Trojan.Ertfor) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall&... Read more

3 more replies
Answer Match 55.02%

A new variant of the ACCDFISA Protection Center ransomware has been released called Malware Protection. The malware developers target Windows servers and appear to hack them in order to install the software. Once the Malware Protection ransomware is installed, it will lock you out of computer and create password-protected RAR archives out of your data that you can no longer access unless you pay a $300 ransom.

When installed, the Malware Protection ransomware will scan your computer for all files using certain file extensions and will use the command line RAR program to turn them into a password protected RAR archive. These files will be renamed with the .aes extension and are supposed encrypted with the AES encryption. You will then be prompted to pay a ransom in order to get the decryption key to restore your files. The decryption key starts with aes987156 and then the password for the RAR files is appended to it. The decrypt.exe program will read through the list of encrypted files and extract them to the proper location using the RAR password. In the past version of this malware, there have been some cases reported that the decrypt process actually deleted the files, so once you have the RAR password it is suggested that you use a manual method restore the files. A manual method using a batch file can be found in the How to remove and decrypt the ACCDFISA Protection Program guide.

The files that this infection installs can be found in the following locations:


... Read more

A:New ACCDFISA Protection Center ransomware called Malware Protection

Hello,

Thanks for all the tips. We have had a number of clients affected with both variants. All these clients had kaspersky installed! Does anyone know the source of these infections? Is it via email/web/RDP or manual?

Thanks
Nihar

more replies
Answer Match 53.34%

  I am a bit unsure of difference between malware protection and anti-virus protection. I have Norton nis which is great for stopping Trojans. I have a company that works on my computer if I have a problem. They wanted me to put in a anti malware program. I have been having problems with computer lately, so I let them do this, could this cause a problem, because I know that you are not supposed to run 2 anti-virus programs?
          Anyone?

A:Difference between malware protection and virus protection

Anti-virus and anti-malware programs each perform different tasks as it relates to computer security and threat detection. Essentially, they look for and remove different types of malicious threats. In simplistic terms, an anti-virus program will focus on viruses, worms, Trojans, rootkis and bots while anti-malware programs generally tend to focus more on spyware, adware and PUPS (potentially unwanted programs)?. However, there can be some overlap in functionality and detection features depending on the program's scanning engine, how the vendor defines a specific threat and what Naming Standards are used. Some vendors also add a modifier or additional information after the name that further describes what type of malware it is.The Difference Between Antivirus and Anti-MalwareAntivirus and Antispyware Software: What's The Difference?What Is the Difference Between Antivirus & Antispyware?Use Anti-Virus and Anti-Spyware SoftwareTo fully understand the difference between Anti-virus and Anti-spyware (anti-malware) programs, you need to understand the difference between the various types of malware. Please read the Glossary of Malware Related Terms.

6 more replies
Answer Match 52.92%

Thanks in advance to the BleepingComputer users for helping me and others with this malware/virus problem: On December 14, 2011, the System Fix Virus & Privacy Protection Virus hijacked and infected my system: WinXP (64-bit). They've caused my default web browser to change frequently (each time I reboot my PC). So I've been having trouble getting rid of all of this malware/viruses from my system, since I use Windows XP x64. The latest version(s) of ComboFix and TDSSKiller don't work on the 64-bit version of Windows XP, but they are compatible with other versions of Windows: 98, XP, VISTA, 2000, 2003, 2008 and Windows 7! The following programs were made for other operating systems, so I need a solution to these 3 problems (listed below)e: ComboFix.exe and TDSSKiller.exe are not compatible with my Windows XP 64-bit system. So how do I get rid of the malware/viruses from this computer without those apps that were made to get rid of the following problems on other Windows OS's?:1. System Fix Virus (reference: http://www.bleepingcomputer.com/forums/topic432547.html)2. Privacy Protection Virus (reference: http://www.bleepingcomputer.com/forums/topic432664.html)3. Google-Redirect Malware (reference: http://www.bleepingcomputer.com/forums/topic416561.html)

A:Infected WinXP 64-bit with "System Fix Virus" & "Privacy Protection Virus" (Malware)

That is coorect they will not.. If you need to remove malware stiil then please go here....Preparation Guide ,do steps 6 - 9.Create a DDS log and post it in the new topic explained in step 9,which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic,thanks.If Gmer won't run,skip it and move on.Include a link back to this topic.Let me know if that went well.

1 more replies
Answer Match 50.82%

.
I am getting a lot of pop ups telling me my computer is infected and it will not stop. I was told that "system progressive Security" was a very bad one "malware" I seriously need help fixing it bcz I don't have $100 that everyone is asking

Thank you,
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 2/6/2012 8:29:09 PM
System Uptime: 10/12/2012 9:19:07 PM (0 hours ago)
.
Motherboard: eMachines | | EL1358G
Processor: AMD Athlon(tm) II X2 220 Processor | CPU 1 | 2812/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 912 GiB total, 855.3 GiB free.
D: is CDROM ()
E: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer:
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
==== System Restore Points ===================
.
RP54: 8/7/2012 5:02:15 AM - Windows Update
RP55: 8/14/2012 5:02:17 AM - Windows Update
RP56: 8/15/2012 3:00:11 AM - Windows Update
RP57: 8/16/2012 3:00:12 AM - Windows Update
RP58: 8/21/2012 5:20:58 AM - Windows Update
RP59: 10/10/2012 5:58:01 PM - Windows Update
RP60: 10/10/2012 6:10:31 PM - Installed VIPdesk Scan Utility
RP61: 10/11/2012 3:00:13 AM - Windows Update
RP62: 10/11/2012 9:26:06 AM - Installed J2SE Runtime Environment 5.0 Update 17
RP63: 1... Read more

A:"system progressive security"

12 more replies
Answer Match 49.98%

Privacy Protector, Error Cleaner and Spyware&Malware protection, it pops up a message saying my computer is infected and keeps opening internet windows even when i change the homepage away from the site it wants to go to. it is really slowing my laptop down, and when u attemp to close the pop ups or delete the desktop icons, it frezzes the laptop and the only way to resolve it is to restart but it just comes back no matter what, norton will not pick it up either. it is causing my laptop start up and loading time to be epic and is making it unusable, this topic has been fixed before by RichieUK on: http://www.bleepingcomputer.com/forums/t/105116/privacy-protector-error-cleaner-spyware-malware-protection/ i have the exact same thing. should i just follow those steps or wait for specific advice for my system? Logfile of Trend Micro HijackThis v2.0.2Scan saved at 00:00:05, on 03/09/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16512)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeC:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exeC:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\S... Read more

A:Malware, Privacy Protector, Error Cleaner And Spyware&malware Protection

Hello,* Download Combofix to your desktop.Doubleclick combofix.exeFollow the prompts.Don't click on the window while the fix is running, because that will cause your system to hang.When finished and after reboot (in case it asks to reboot), combofix will open again to gather the necessary information for the log. This may take a bit. When done, Combofix will close and a log should open, combofix.txt. Post the contents of this log in your next reply together with a new hijackthislog.Do NOT post the ComboFix-quarantined-files.txt - unless I ask you to.

27 more replies
Answer Match 49.56%

This showed up when i started up my computer last night (I'm running XP). My desktop background changed to red with biohazard type logo, windows keep popping up trying to sell me protection, etc. when it first showed up some of my desktop icons dispeared and i couldn't get into my c drive, but that seems to have stopped for the moment.I've run my Kasperskys Antivirus, which says it can't delete it, disinfects it, but doesn't seem to change anything.I've also used System Mechanic 5, Spybot Search and Destroy, Smitfraudfix (i saw this suggested to someone else veiwing another forum- and it seems to work and everything looks good for 5 minutes, but then low and behold it comes right back) plus RegClean, RegistryFix, Tracks Eraser Pro, BugDoctor- to try and clean stuff out- some things seem to get rid of it, but then it returns. I've been looking it up on google to see what other people did, and trying these things, but obviously this strategy hasn't worked. its just given me a headache.I'm out of my depth. I really need help! Thankyou in advance for your wisdom.Here are my dss reports:Deckard's System Scanner v20071014.68Run by Aqua Dragon on 2008-06-08 11:54:45Computer is in Normal Mode.---------------------------------------------------------------------------------- System Restore --------------------------------------------------------------Successfully created a Deckard's System Scanner Restore Point.-- Last 5 Restore Point(s) --5: 2008-06-08 15:54:53 UTC - RP230 - Deck... Read more

A:I Have An Error Cleaner, Privacy Protector, Spyware And Malware Protection Problem (virus? Malware? Trojan?)

Hi,Please uninstall the following programs since they are known to cause more damage than anything else:RegistryFix v6.2Bug Doctor 3.0.3.8Reboot afterwards.After reboot, * Please visit this webpage for instructions for downloading and running ComboFix:http://www.bleepingcomputer.com/combofix/how-to-use-combofixThis includes installing the Windows XP Recovery Console in case you have not installed it yet.Post the log from ComboFix when you've accomplished that, along with a new HijackThis log.

2 more replies
Answer Match 46.62%

I've had the System Integrity Scan Wizard, PC-Antispyware, and Security System Protection Control Panel popups. They've been very stubborn but after reading some of the posts here and running Spybot, Adaware, SmitfraudFix, Panda Activescan, Housecall, Stinger Avert, Windows Defender, and SDFix, I am now getting only one popup, which shows up as a blank white rectangle in the center of the screen (and now I can't click "Close" to get it off the screen, since the "Close" option is missing). From the size & shape, I believe it's the Security System Protection Control Panel. Would you please review my HijackThis log? Also, in some of the posts I've noticed recommendations to update Java. Is that needed in my case? Thanks very much for your help.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 9:55:55 PM, on 3/28/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeC:\Program Files\Common Files\Symantec Sh... Read more

A:System Integrity Scan Wizard, Security System Protection Control Panel

The blank popup appeared to be repopulated with information over time...apparently the spyware refreshed itself. I also learned from Task Manager that all of my popups were from the System Integrity Scan Wizard. After some more searching, I found the name (in my case, yzqrqzkp.exe) and told Norton Firewall to block it from accessing the internet. I used HijackThis to fix it and then deleted it and a namesake (YZQRQZKP.EXE-1253B76A.pf) from Windows\Prefetch (not sure that was necessary but deleted it anyway). My only concern is that from what I read, there should have been another copy in \Local Settings\Application Data, which I didn't find. I updated Java per instructions in another post, also turned System Restore off and on. I think the PC is now clean, but would you review my latest HijackThis log to be sure? Thanks very much.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:05:26 AM, on 3/30/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Syman... Read more

14 more replies
Answer Match 46.62%

I've had the System Integrity Scan Wizard, PC-Antispyware, and Security System Protection Control Panel popups and my backround change to a blue colour. After reading some of the posts here and running Spybot Search and Destroy, Ad-Aware 2007, RegCure and Malwarebytes Anti-Malware it seems as if that problem was solved, but now everytime I put my pc on I get these messages:The first one says "rundll32.exe - Bad Image : The application or DLL C:\WINDOWS\system32\qpfrsnow.dll is not a valid Windows image. Please check this against your installation diskette" and the second one says "RUNDLL -Error loading C:\WINDOWS\system32\qpfrsnow.dll%1 is not a valid Win32 application".The disk that I got when I bought my pc was Windows XP Home Edition SP1. I downloaded SP2 from the internet.I'm attaching all of the logs you need to assist me, because I don't know if and how badly my pc is still infected.I attached 4 log files: 1. DSS Main.txt 2. DSS Extra.txt 3. Kaspersky 4. DSS Main.txt - after the Kaspersky reportThank you for taking the time to look into my problem.DSS MAIN.TXTDeckard's System Scanner v20071014.68Run by Parratjie on 2008-04-17 09:29:31Computer is in Normal Mode.---------------------------------------------------------------------------------- System Restore --------------------------------------------------------... Read more

A:System Integrity Scan Wizard, Security System Protection Control Panel

Hi and welcome to Bleeping Computer! My name is Sam and I will be helping you. Run Hijackthis again, click scan, and Put a checkmark next to each of the lines listed below. Then close all other windows--you should only see HijackThis on your Desktop--and click the Fix Checked button.R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =O4 - HKLM\..\Run: [e43075dd] rundll32.exe "C:\WINDOWS\system32\qpfrsnow.dll",b================Click Start -> Control Panel -> Add Remove Programs and uninstall these programs:J2SE Runtime Environment 5.0 Update 11 Java? 6 Update 2 Java? 6 Update 3 Java? SE Runtime Environment 6 Update 1Reboot and post a new hijackthis log.

37 more replies
Answer Match 46.62%

I have windows 7 home premuim 64 bit
I went to create restore point on my new dell and after about an 1/2 hour of waiting for SR to open up I got this:

You have no Restore Points. Use System Protection to create restore point.
When I attempt to turn on System Protection, it doesn't show any drives available when it opens -- it just says that it's searching for available drives and it keeps searching and doesn't stop. Eventually, I'll receive the following Error Message:

"There was an unexpected error in the property page: System Restore encounter an error. Please try to run System Restore again (0x81000203)." also all button are greyed out. I wanted take an image to show you but that's not working either. Is there hope?

Thank you.

 

A:Windows 7 Home Premuim System Restore and System Protection not working.

16 more replies
Answer Match 46.62%

My PC is infected with 3 malware popups named Security System Proctection Control Panel, System Integrity Scan Wizard and Security System Warning (the last one telling me I have Abebot). I have tried to get rid of them with Kaspersky Antit-Virus, Adaware, spyware sweeper, and SpybotSD, but they are still running. I didn't run the online scan by Kaspersky because I have the most recent version installed and running on my PC. When I ran a rootkit scan with KAV, it took just over four hours and reported my PC was clean. So for whatever reason Kaspersky is not picking up these three forms of malware. Following all other directions on your preliminary instruction list I used Deckard's System Scanner to make two Hijack This files. They are pasted in below. Please take a look and tell me what I should do to get rid of this malware. Thank you very much for this valuable service you are providing.-- Dark EagleDeckard's System Scanner v20071014.68Run by Perry H. Chesnut on 2008-04-18 23:11:18Computer is in Normal Mode.--------------------------------------------------------------------------------Backed up registry hives.Performed disk cleanup.-- HijackThis (run as Perry H. Chesnut.exe) ------------------------------------Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:47:35 PM, on 4/18/2008Platform: Windows 2000 SP4 (WinNT 5.00.2195)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Boot mode: NormalRunning processes:F:\WINNT\System32\smss.exeF:\WIN... Read more

A:Security System Protection Control Panel & System Integrity Scan Wizard Popups

Hello Dark Eagle. to BleepingComputer.comMy name is Billy O'Neal and I will be helping you. (Billy or Bill is fine, if you like.)Please give me some time to look over your computer's log(s).Please take note of the following:In the meantime, please refrain from making any changes to your computer.Also, even if things appear to be running better, there is no guarantee that everything is finished. Please continue to check this forum post in order to ensure we get your system completely clean. We do not want to clean you part-way up, only to have the system re-infect itself. If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.Finally, please reply using the button in the lower left hand corner of your screen.See you soon,Billy3

2 more replies
Answer Match 46.62%

Hello,

I have recently just successfully cloned my Old primary 1TB Western Digital HDD onto my new 1TB Samsung EVO SSD to increase hard drive performance to give it a quick boot up and to enable Windows and my programs to load a lot quicker and perform better with multi tasking. My laptop is one of the bigger 17inch Acer models which comes with two hard drive bays. So once I had wiped my older WD HDD I then inserted a new 2 TB Seagate hard drive into the second bay to be able to store it for personal and media files, and any other imprtant data, to keep it the SSD as the primary hard drive and just for OS and programs only. My system runs the Windows 8.1 OS and is 64 bit.

However, I wanted to create a restore point and upon doing so, I found that System protection was turned off for all my both my hard drives.

I thought I had managed to somehow enable system protection on my C:/ Dive (including the partioned / drive on the same hard drive) on my SSD, and yet though it shows them enabled, it shows the word missing next to them, and I am assuming this is telling me the previous restores are missing; whether as a result of cloning I don't know. The other weird thing is further up the properties page it also shows the C\ and D:\ Drive but turned off.

So I thought I would try increasing the disk space usage, since it was showing it at 0, and it would allow me to do so and returned the message: 'There was an unexpected error in the property page: The system ca... Read more

More replies
Answer Match 46.62%

Hello,

I have recently just successfully cloned my Old primary 1TB Western Digital HDD onto my new 1TB Samsung EVO SSD to increase hard drive performance to give it a quick boot up and to enable Windows and my programs to load a lot quicker and perform better with multi tasking. My laptop is one of the bigger 17inch Acer models which comes with two hard drive bays. So once I had wiped my older WD HDD I then inserted a new 2 TB Seagate hard drive into the second bay to be able to store it for personal and media files, and any other imprtant data, to keep it the SSD as the primary hard drive and just for OS and programs only. My system runs the Windows 8.1 OS and is 64 bit.

However, I wanted to create a restore point and upon doing so, I found that System protection was turned off for all my both my hard drives.

I thought I had managed to somehow enable system protection on my C:/ Dive (including the partioned / drive on the same hard drive) on my SSD, and yet though it shows them enabled, it shows the word missing next to them, and I am assuming this is telling me the previous restores are missing; whether as a result of cloning I don't know. The other weird thing is further up the properties page it also shows the C\ and D:\ Drive but turned off.

So I thought I would try increasing the disk space usage, since it was showing it at 0, and it would allow me to do so and returned the message: 'There was an unexpected error in the property page: The system cannot fin... Read more

More replies
Answer Match 46.62%

Hello,
 
I have recently successfully cloned my Old primary 1TB Western Digital HDD onto my new 1TB Samsung EVO SSD to increase hard drive performance to give it a quick boot up and to enable Windows and my programs to load a lot quicker and perform better with multi tasking. My laptop is one of the bigger 17inch Acer models which comes with two hard drive bays. So once I had wiped my older WD HDD I then inserted a new 2 TB Seagate hard drive into the second bay to be able to store it for personal and media files, and any other imprtant data, to keep it the SSD as the primary hard drive and just for OS and programs only. My system runs the Windows 8.1 OS and is 64 bit.
 
However, I wanted to create a restore point and upon doing so, I found that System protection was turned off for all my both my hard drives.
 
I thought I had managed to somehow enable system protection on my C:/ Dive (including the partioned :D/ drive on the same hard drive) on my SSD, and yet though it shows them enabled, it shows the word missing next to them, and I am assuming this is telling me the previous restores are missing; whether as a result of cloning I don't know. The other weird thing is further up the properties page it also shows the C\ and D:\ Drive but turned off.
 
So I thought I would try increasing the disk space usage, since it was showing it at 0, and it would allow me to do so and returned the message: 'There was an unexpected error in the property page: The system... Read more

More replies
Answer Match 46.62%

The following will be an incomplete report on removing "Malware Protection" aka "Best Malware Protection". I'm posting because I found little help on this scareware infection, and most of it was inaccurate.
1) This malware completely locks out the normal user environment. One can not access Task manager to kill the process.
2) You CAN however safe-mode boot, but:
a) there is no networking, b)there are no folders anywhere, including the contents of Control Panel. It's empty. Also, you can not change keybd or mouse, nor plug the original working units into different ports. PNP is not working!!
What worked:
1) Get mouse and keyboard working by trying usb ports until they work (I took the pc home for shop-repair, but could not work on it because even in safe mode, no kbd or mouse would work)
2) Log into "safe mode with networking".
Used the "run" command from the start menu to open a command window. found no network, and that no NIC was available...
Used services.msc to find that nearly all were disabled! Enabled network required services and got networking / internet access.
launched iexplore from the cmd window, downloaded and installed Malwarebytes.
Pc is now clean, but, all hard disks appear empty, all menu folders are empty, "programs" is empty except for the just installed MBAM...
... Found that ALL files and folders had the "hidden" attrib. set. Reset them all. Now "programs" was pop... Read more

More replies
Answer Match 46.62%

Hello Bleepers:

I searched for this malware name on your site and I cannot find.

I am sure it is like other of these falsely named Security Prevention malwares as well.

I tried rKill (as iexplore) and it was prevented from opening. Malwarebytes prevented from opening.

Has anyone had experience with this one and determined the procedure to remove?

Thanks for any and all help

A:Malware called "Malware Protection"

I am having the same problem. It just appeared. I had RKill and Malwarebytes already downloaded and it disabled them both. It also disabled my internet as well as my task manager. I am so frustrated with these viruses. I only got rid of the windows recovery a few hours ago. I need my computer to work from home and am having a terrible time with this. Please let me know what can be done to fix it. Thanks

3 more replies
Answer Match 46.2%

I've tried to open System Protection in System in the Control Panel but it will not work. It gives an error of 0x81000203. I've rebooted and attempted but get the same thing each time.

A:System Protection not working in System Control Panel

Follow instructions on this page error code 0x81000203__ - Microsoft Community

Scroll to the 2nd answer by Meghmala

6 more replies
Answer Match 46.2%

Please help!!! Pics included to explain the situation
Basically after installing some new software for my phone my windows 7 laptop crashed - it flashes a blue screen and restarts on boot up I can get to image 1 page to try a system repair
But then I need to enable system protection.. Image 2
Is there any way I can do this through a command prompt??
Thank you in advance!!!

A:Enable system protection to preform system restore

Sorry images didnt upload???

9 more replies
Answer Match 45.78%

The System Fix Virus & Privacy Protection Virus hijacked and infected my system: WinXP (64-bit). They've caused my default web browser to change frequently (each time I reboot my PC). So I've been having trouble getting rid of all of this malware/viruses from my system, since I use Windows XP x64.

ComboFix.exe and TDSSKiller.exe are not compatible with my Windows XP 64-bit system. So how do I get rid of the malware/viruses from this computer without those apps that were made to get rid of the following problems on other Windows OS's?:

The latest version(s) of ComboFix and TDSSKiller don't work on the 64-bit version of Windows XP, but they are compatible with other versions of Windows: 98, XP, VISTA, 2000, 2003, 2008 and Windows 7!

1. System Fix Virus (the first virus that affected my Windows system, 2 days ago.)
2. Privacy Protection Virus (behaves almost exactly like the aforementioned virus)
3. Google-Redirect Malware (redirects all my searches to this site: 63.209.69.107)

Thanks in advance to ANY users for helping me and others with this malware/virus problem: I understand and read the previous pinned-thread about the revelant malware/virus issue that Windows-users solved with the programs I've been unable to install on my system. The aforementioned malware/viruses began to infect my PC on December 14, 2011 (since that day, I haven't found a single anti-virus program that can detect the Google-redirect malware/virus on my system).
&nbs... Read more

More replies
Answer Match 45.36%

When playing wow My tracert starts out like this:
Tracing route to us.logon.battle.net [12.129.206.130]
over a maximum of 30 hops:
1 1 ms 1 ms 1 ms homeportal [192.168.1.254]
2 25 ms 24 ms 24 ms 108-213-76-2.lightspeed.frokca.sbcglobal.net [108.213.76.2]
3 * * * Request timed out.
4 26 ms 25 ms 147 ms 75.29.64.72
5 26 ms 24 ms 27 ms 12.83.77.137
6 37 ms 37 ms 36 ms gar20.la2ca.ip.att.net [12.122.128.181]
7 38 ms 37 ms 38 ms 12-122-254-238.attens.net [12.122.254.238]
8 38 ms 39 ms 39 ms mdf001c7613r0004-gig-10-1.lax1.attens.net [12.129.193.250]
9 12.129.211.38 reports: Destination net unreachable.

Then my world lag starts increasing roughly after 15min to and tracert looks like this:
Tracing route to us.logon.battle.net [12.129.206.130]
over a maximum of 30 hops:
1 1 ms 1 ms 1 ms homeportal [192.168.1.254]
2 25 ms 24 ms 25 ms 108-213-76-2.lightspeed.frokca.sbcglobal.net [108.213.76.2]
3 * * * Request timed out.
4 * 27 ms 25 ms 75.29.64.72
5 23 ms 24 ms 29 ms 12.83.77.137
6 37 ms 36 ms 37 ms gar20.la2ca.ip.att.net [12.122.128.181]
7 39 ms 39 ms 38 ms 12-122-254-238.attens.net [12.122.254.238]
8 37 ms 37 ms 38 ms mdf001c7613r0004-gig-10-1.lax1.attens.net [12.129.193.250]
9 12.129.211.38 reports: Destination net unreachable.
Trace complete.
Then I start to freeze randomly and world ping goes through the roof (3000ms +). The Tracert looks like:
Tracing route to us.logon.battle.net [12.129.206.130]
over a maximum of 30 hops:
1 2 ms 1 ms 1 ms homeportal [192.168.1.2... Read more

A:Progressive wow lag

8 more replies
Answer Match 45.36%

I have a Win10 Pro and ran MR to create a system image backup.
It went well but it turned of system protection.
A message shows up with a warning yellow triangle that reads.
Using system protection on a drive that contains system image backups will cause other shadow copies to be deleted faster than normal.
--- How do I stop system protection from being turned off?

I have another Win10 computer and created a MR system image backup on that one also.
System protection wasn?t turned off on that one.

I do not use shadow copies: If shadow copies are in use on my computer it doesn?t matter to me if that is the case as I don?t know how to use them anyway. I just don?t want system protection turned off.

A:I don抰 want system protection turned off when I do a MR system image

Hi,

The available disk space on the pc with the warning issue is probably too small to store both backup images (MR) and system protection image.






I do not use shadow copies:



Actually you do. System Protection is a form of Shadow Copying.

Furthermore, it's not wise policy to store backups on the same physical drive as your system. Still better than nothing but all in all not sound practice.
Better to store back up on an ext. removable drive.

In the mean time you could reduce the amount of space allocated to System Protection and see if that helps any.

Cheers,

1 more replies
Answer Match 45.36%

I need help on how to remove the (system reserved) folder under Available Drives in protection settings. On all my other computers it is not shown. Not sure why it is there as it does not show anywhere else on computer as a drive. I guess it just bugs the hell out of me not knowing why it's there. Any help would be appreciated.

A:In System Protection under Available Drives (System Reserved)

Look in Disk Management and see if the Reserve has a partition letter.

9 more replies
Answer Match 45.36%

My Toshiba Notebook (x64) (running Windows 7) has stopped being able to open/run programs. I've been using safe mode to try and find a cure, and safe mode works fine. I ran a few antivirus programs that detected a few things, but none of them solved this issue. Using System Restore seems to be the only thing I can really do, but I've been having some troubles with it.

Only one System Restore point shows up, and it's only from a few days ago, which isn't far back enough to fix my problem (I've already tried restoring it to that point). There are no other options as you can see here and here.

I tried to create my own restore point, but ran into some problems. When I go into "System" the "System Protection" option is missing. I only have these three options:

When I use the search bar to find it instead, "Create a restore point" comes up, but when I click and it opens System Properties, the "System Protection" tab is missing.

When I looked it up, someone had suggested running Regedit and checking HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\SystemRestore\DisableSR but I couldn't get that far.

If anyone could help me out, it would be greatly appreciated.

A:Troubles with System Restore/System Protection

Hello esu and welcome to Seven Forums.

Have you verified that System Protection is turned on? (If it is, try turning it off, restarting the computer, turning it back on, and restarting the computer one more time.)

System Protection - Turn On or Off

See if you can manually create a restore point.

System Restore Point - Create

If not, your computer may have damaged or corrupt sytem files. Try running a system file checker scan from an elevated command prompt (option two.) If problems are found, run the scan 3 times and make sure to reboot the computer immediately after each of the scans.

SFC /SCANNOW Command - System File Checker

4 more replies
Answer Match 45.36%

Hi Everyone

I went on my laptop this morning and it said I needed to run a system restore. Unfortunately when I try to it says I need to enable system protection on my C drive. I've been searching the web for a solution for the past couple of hours and it seems like quite a common problem. However I've tried all of the suggested solutions and nothing seems to work. I'm not the most computer literate so some of the suggested didn't make the most sense. If anyone has any suggestions to help the matter it would be very much appreciated.

Thanks

A:How do I enable system protection for system restore?

System Protection - Turn On or Off

3 more replies
Answer Match 45.36%

 I have a screen shot of it.  There is the Local Disk (C:) listed and then this other.
 Capture.PNG   126.43KB
  0 downloads

A:Under System Prop, and System Protection what is (C:) Missing ?

Post an Image from Disk Management Screen.
 
Control Panel / Administration Tools / Computer Management / Disk Management.
 
This will show all current active drives.
 
 
 

11 more replies
Answer Match 45.36%

Hi, I defragged my registry (castigate me later, please), and well, my system crashed. I'm running Windows 7 Home Premium 64 bit on a Lenovo laptop, and on startup, I get a blue screen claiming that the OS couldn't boot, and the option to try a system repair. After analysis, it says that it can't repair the system automatically, and offers more advanced options. I can try a system restore, but after selecting a restore point (clearly the one created before defragging the registry), system restore says that I must enable system protection on the drive. I don't remember disabling it, and I don't know how to enable it without access to the desktop.
From those same advanced recovery options, I can use a system image recovery (don't have an image to recover from), the windows memory diagnostic (it claims there's no memory error), or the command prompt. I know very little about using the command prompt, but I can open the task manager at least, though not explorer.exe or msconfig.exe (the prompt claims they're invalid commands).
I've tried booting in safe mode, with the last known good configuration, with boot logging, and everything else from that menu, as well as a Windows 7 recovery disc (though I believe this disc just provides the same options as those installed on the laptop.
If possible, I'd like to know how to enable system protection from the command prompt window so that I can continue with the system restore. I'm quite certain that the error lies in the defragmentation... Read more

A:System Restore - Enabling System Protection

right click my computer/properties/advanced system settings/system protection/ high light your drive, click configure,now click( restore system settings and previous versions of files)
OK and exit

7 more replies
Answer Match 45.36%

I have this pop up on one user of my PC. How can I remove this? Also is the high jack this log below. Any help you can provide would be great.
 

 
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 8:32:33 PM, on 10/3/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
 
FIREFOX: 32.0.3 (x86 en-US)
Boot mode: Normal
 
Running processes:
C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\DPAgent.exe
c:\program files (x86)\teamviewer\version9\TeamViewer.exe
C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe
C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Michelle\Downloads\HijackThis.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dell13.msn.com/?pc=DCJB
R1 - HKLM\Software\Mic... Read more

A:Malware Protection 360 pop up

Hi there,my name is Marius and I will assist you with your malware related problems.Before we move on, please read the following points carefully.First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.Perform everything in the correct order. Sometimes one step requires the previous one.If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.Important: To help me reviewing your logs, please post them in code boxes. You can create them by clicking on the <>-symbol on top of the reply window.    HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs i... Read more

15 more replies
Answer Match 45.36%

I am also infected with the "Best Malware Protection" problem and have done what you suggested here
http://www.bleepingcomputer.com/forums/topic385295.html
Here are the results. Please help thanks Brad.
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6077

Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702

3/16/2011 9:21:10 AM
mbam-log-2011-03-16 (09-21-10).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|)
Objects scanned: 256125
Time elapsed: 31 minute(s), 49 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 760
Registry Values Infected: 17
Registry Data Items Infected: 7
Folders Infected: 1
Files Infected: 6

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\a.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aAvgApi.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SO... Read more

A:Best Malware Protection

What you need to fix here that was not in those istructions is your HOSTS file this malware adds items to to prevent you from accessing certain sires.Microsoft has a tool to automatically do this for you. Click Me select Run .Rerun MBAM (MalwareBytes) like this:Open MBAM in normal mode and click Update tab, select Check for Updates,when doneclick Scanner tab,select Quick scan and scan (normal mode).After scan click Remove Selected, Post new scan log and Reboot into normal mode.Please ask any needed questions,post logs and Let us know how the PC is running now.

3 more replies
Answer Match 45.36%

I came across this article that demonstrates how extremely effective a feature like AppLocker is. It becomes very reliable when applied to 500 Windows 7 computers over 3 years as in this case. The result: Not a single malware infection compared to several a week prior to applying AppLocker! Amazing

Free, almost perfect, malware protection with GPO App Locker - Spiceworks

Windows 7 versions:
For Enterprise and Ultimate AppLocker is built-in: AppLocker - Create New Rules
Professional has SRP(Software Restriction Policy): Preventing computer malware by using Software Restriction Policies. | Peter Gubarevich
For Home versions there are similar products available like AppGuard(pay software): AppGuard Review | MalwareTips.com
or Simple Software-restriction Policy: Wilders Security Forums (written by a well known Wilders member)

Personal experience
I'm using SRP and have configured it to only allow executable files to start from the Windows and Program Files folder, folders that require admin permissions to write to. Executable files include exe, com, bat, vbs, dll and more. This basically mean that only installed programs and those part of Windows can start. Any downloaded executable files or files from other drives including USB ones will not be allowed to execute.
Many automatic program updates(including Windows Update) will still work, but apps using files in user folders or in temp folders won't, for example Firefox. So to update such a program or install a new ... Read more

A:Best protection against malware?

Hi,
Sounds like pretty extreme measures
I suppose that last popup message needs a "Mother may I" if I promise to eat all my veg's

9 more replies
Answer Match 45.36%

I have Nortons 360. It has Anti-Virus Protection,but no Maleware Protection. Should I get another program for Malware Protection? Thank You
 

A:Do You Need Malware Protection

Download and install the free versions of

Malwarebytes Anti-Malware 1.60.1.1000

SUPERAntiSpyware 5.0.0.1144

Make sure to update their definition files during the install process.

After that's done, restart the computer.

Run a quick scan with each one.

Once the scan is finished, select and remove EVERYTHING that was found.

Restart the computer, if prompted to, so the removal process can finish.

-----------------------------------------------------------

I recommend doing a quick scan weekly and a full/complete scan monthly.

Always make sure to update the definition files first BEFORE running a scan.

-----------------------------------------------------------
 

3 more replies
Answer Match 45.36%

I came across this malware today at work and i think what it does is create a fiddler proxy to intercept the ssl certicates.
 
I noticed the work citrix ssl certicate had DO_NOT_TRUST in the issuer field. On firther investigation it looks like it was intercepting the ssl certicate and replacing it with a remote fiddler proxy, essentially saving all the login and passwords during ssl sessions. I gathered this from the status messages that was seen during the login process.

A:Malware protection 360

MalwareProtection360 Analysis = Potentially Unwanted Program (PUP)

3 more replies
Answer Match 45.36%

i used this guide http://www.bleepingcomputer.com/virus-removal/remove-spyware-protection
i think i have other problems please help...
Scan saved at 1:35:58 PM, on 6/4/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\AVG\AVG10\avgchsvx.exe
C:\Program Files\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\WINDOWS\system32&#... Read more

A:Malware Protection

Hello and welcome to the forums!My secret agent name on the forums is SweetTech (you can call me ST for short), it's a pleasure to meet you. I am very sorry for the delay in responding, but as you can see we are at the moment being flooded with logs which, when paired with the never-ending shortage of helpers, resulted in the delayed responding to your thread.I would be glad to take a look at your log and help you with solving any malware problems.If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed. If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator&#... Read more

17 more replies
Answer Match 45.36%

Hello geeks:what do you think about Zemana Antimalware,i have heard that is have good realtime protection against ransomware.
 

More replies
Answer Match 44.94%

If a progressive scan DVD player is connected to a TV which is interlaced will it play as progressive scan?Is LCD screen progressive or interlaced?
 

More replies
Answer Match 44.52%

I have a Dell Dimension 8200 with XP, SP2 with AVG, A-Squared, Spybot Avast, Kapersky and Comodo with DSL connection. I noticed my computer it was unusually slow lately even with only (1) program running. I realized part of the problem is that I only have 256MB of RAM which I'm upgrading but I thought perhaps I might have infected with a virus or malware. So I posted my problem to http://groups.google.com/group/microsoft.p...5f61e71c36c6947after going through a series of steps to identify the problem suggested by one of the membersI now suspect that I'm infected with the following:O3 - Toolbar: (no name) - {a2595f37-48d0-46a1-9b51-478591a97764} - (no file) "ProtectionBar, rogue 'security software', related to the notorious PS_Guard/SpywareQuake/WinAntivirus foistware and detected as a variant of the FakeAle aka Zlob or Puper trojan." Here is my Hijackthis log:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:50:40 AM, on 1/15/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16574)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC... Read more

A:Infected With 'protection Bar' Malware

The problem has been resolved using SUPERAntispware.

2 more replies
Answer Match 44.52%

Windows Security Center told me my Malware protection is off. I never turned it off. It told me to open it via Kaspersky, I did. I also noticed I should update kaspersky as well, so I did. When I tried to run kaspersky via Windows Security, kaspersky poped up on the lower left of the tool bar and said I need to update my license. I DON'T. Not for another 99 days to be exact.

Anyways, after I updated Kaspersky the maleware was fine. Then kaspersky told me to shut down my computer for it to properly work. I DID. I TURNED IT BACK ON, kaspersky was no longer on my lower left tool bar and my windows security center said the Malware protection WAS STILL DOWN. I manually pulled up Kaspersky and you can't see anything. I'ts all white. This computer is my life. I need this to pass school. Windows defender is currently trying to protect my computer. Please note. I also uninstalled limewire off my computer already.

A:please help. Malware protection not working

Hello and welcome to TSF.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

1 more replies
Answer Match 44.52%

I have the latest Norton Antivirus Protection. In reading some posts, i have read that sometimes a malware virus may infect even if one has protection. Is there a product that effectively does both?

A:Malware & Security Protection

No security software is foolproof.

4 more replies
Answer Match 44.52%

My computer started running slower then usual when I started having trouble with my internet connection. I have a wireless USB adapter in order to get internet on my desktop computer. I had one called D-Link which I thought was malfunctioning so I uninstalled it and tried reinstalling it. I was having errors getting it to work in which I decided to install my other USB wireless adapter 2wire. The internet started to work but would still cut off and not be able to re-engage unless i restarted my computer.

The other issue I am having is that a program by the name of malware protection installed itself onto my comp and I can't get rid of it. When looking into where it is located it is under the name of defender.exe. Also I can't use system restore at all, even in safe mode.

And When i was surfing the web there would be times when i would click on a link and be redirected to an entirely different thing. Also when I start my computer an error message pops up saying AirGCFG.exe-Entry Point Not Found (The procedure entry point apsSearchInterface could not be located in the dynamic link library wlanapi.dll.)

I will include a copy of a HJT Log. I had to save the HTJ install file to a flash drive and transfer it to my desktop in which the only way i could install it was in safe mode. And the only way i was able to run the program was also in safe mode.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:52:13 PM, on 4/30/2011
Platform: Windows XP SP3 (WinNT 5.01.2... Read more

A:Malware Protection (Defender.exe?)

6 more replies
Answer Match 44.52%

Hello,

I am currently running Vista Ultimate on my computer and recently I have acquired the Malware Protection virus on my computer, which constantly tries to get me to buy its fake software and will not allow me to open any programs or applications.(In case you are wondering, I am using another computer right now.)

Whenever I try to open something, my computer displays the "W32 Blasterworm virus" thing in the lower right hand corner of my screen. I had Malwarebytes installed on my computer before I got the virus, however the virus will not let me open that program. I also tried doing System Restore, but like I said, my computer won't let me open anything.

I tried to run my computer in Safe Mode, thinking that I could run Malwarebytes in Safe Mode and my problem would be solved, but whenever I try to get into Safe Mode, I get a "Input Not Supported" screen. I looked up that problem and it seems like I need an older monitor, but I don't have one of those available. I'm also not sure if the error I'm getting is because of the virus, or because I need an older monitor because of something to do with the resolution, like I said. (Bear with me- I'm really not very good with computers!!)

Is it necessary for me to run my computer in safe mode in order to get rid of the virus? Are there any solutions I can do myself to fix the problem and get rid of the virus?

Thank you,
any help would be greatly appreciated.

Also, if you need ... Read more

A:Malware Protection Virus

g

1 more replies
Answer Match 44.52%

i got this malware that tells me that i need to protect my computer from virus and what not (its a virus itself). i have tried MBAM but it crashes when i click ok right after a scan is done. the malware locked me out of the taskmanager but i have worked around that by changing the reg key for that. i am going to post my dds and hijackthis logs first then hopefully the gmer log. it seems that my comp resets itself once in a while since i got this.DDS (Ver_10-03-17.01) - NTFSx86 Run by Taylor at 22:49:55.29 on Wed 06/02/2010Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_15Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1535.802 [GMT -6:00]AV: Protection Center *On-access scanning enabled* (Outdated) {28e00e3b-806e-4533-925c-f4c3d79514b9}============== Running Processes ===============E:\WINDOWS\system32\nvsvc32.exee:\windows\system32\svchost -k dcomlaunchsvchost.exee:\windows\system32\svchost.exe -k netsvcse:\windows\system32\svchost.exe -k wudfservicegroupsvchost.exesvchost.exeE:\WINDOWS\system32\spoolsv.exeE:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exeE:\WINDOWS\Explorer.EXEE:\DOCUME~1\Taylor\LOCALS~1\Temp\mscdexnt.exeE:\Program Files\Razer\Tarantula\razerhid.exeE:\Program Files\NavNT\vptray.exeE:\DOCUME~1\Taylor\LOCALS~1\Temp\wscsvc32.exeE:\... Read more

A:Protection Center malware

here is my gmer scan so far. I sat and waited for the comp to force reboot and a window poped up and said my system has been damaged and needs to restart this action was started by (computer name)/ (user name). you have 30 seconds to save progress.GMER 1.0.15.15281 - http://www.gmer.netRootkit scan 2010-06-03 00:20:57Windows 5.1.2600 Service Pack 3Running: gmer.exe; Driver: E:\DOCUME~1\Taylor\LOCALS~1\Temp\uftdipod.sys---- System - GMER 1.0.15 ----Code 89FC7238 ZwEnumerateKeyCode 8A111A90 ZwFlushInstructionCacheCode 89FC726E IofCallDriverCode 8A02428E IofCompleteRequest---- Kernel code sections - GMER 1.0.15 ----.text ntoskrnl.exe!IofCallDriver ... Read more

4 more replies
Answer Match 44.52%

Hi.

THis is my issue and hope someone can HELP.

My husband was using the internet when the Best Malware Protection Software downloaded itself on to the home computer...

I am 3 1/2 hours away and he has no computer experience outside of researching car sites. We tried for several hours to attempt to get this soft ware off but it won't go away! Can anyone please help!

A:Best Malware Protection Software HELP!!!!!!!

Hello and welcome to TSF.

Please ask him to register and then follow the steps outlined below, communicating directly with us. The instructions are very clear and he should not have any problem following them:

NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help - Tech Support Forum

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If there is trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

1 more replies
Answer Match 44.52%

Should i use AVG or Avast! i use AVG at the moment but i heard avast is pretty good

A:Virus/Malware Protection?

It's always a balance between performance, protection level, and compatibility.

The last one is really key as I have seen systems that will flat crash using one antivirus but work fine with another that has essentially all the same features.
At the end of the day I've finally just left it to personal preference.
MSE remains the lowest resource hog, but it's still behind some of the big names in detection.

If you keep windows completely up to date a lot of exploits will be patched which also helps security against viral and script attacks.

3 more replies
Answer Match 44.52%

I have a post here: http://forums.techguy.org/general-security/918356-how-do-you-bill-charge.html#post7342582 that discusses the aspects of how you would bill a customer when you have done a malware removal and complete update / protection of system that takes many hours to complete.

One of the things I note in that post is there would likely be comments on what you would do to speed up the process or how you would go about doing it to keep the total hours down to a minimum.

What I would like to discuss here is how and what do you do to keep the total number of hours down when you are doing a complete malware cleaning of a unit with your average to tough malware as well as when you are having to completely update the OS (service packs), install anti-malware tools, update programs, and etc to make the system as defensive as you can for your customer.

Let me give some examples from the other post and then please give feedback on how you handle these situations.

Let's say I have a client with a personal computer. They have 80GB of actual data all on the same drive as the OS, they have very little protection in place, their OS is multiple service packs behind, and they have multiple unknown pieces of malware on the system.

So let's say you go through the normal process of running the 2 to x number of tools you normally would run to clear of malware. You also go through your own personal investigation to catch things not found by the anti-malware tools. You then p... Read more

A:How would you go about doing malware removal and protection?

6 more replies
Answer Match 44.52%

Bogus Software "Malware Protection" takes over my pc. I'm getting search engine redirects, internet is disconnecting and soon after "malware Protection" starts scanning. When I run Malware software it seems to be gone but returns eventually.

.
DDS (Ver_2011-06-12.02) - NTFSx86
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_20
Run by Compaq_Administrator at 21:08:42 on 2011-06-13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1982.1405 [GMT -7:00]
.
AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Common Files\Java\Java Update\jusc... Read more

A:Virus "Malware Protection"

did not allow me to attach this file so i copied and pasted. ark

GMER 1.0.15.15640 - http://www.gmer.net
Rootkit scan 2011-06-13 22:44:37
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e WDC_WD2500JS-60NCB1 rev.10.02E02
Running: gmer.exe; Driver: C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\kwlyapod.sys
---- System - GMER 1.0.15 ----

SSDT BA757E96 ZwCreateKey
SSDT BA757E8C ZwCreateThread
SSDT BA757E9B ZwDeleteKey
SSDT BA757EA5 ZwDeleteValueKey
SSDT BA757EAA ZwLoadKey
SSDT BA757E78 ZwOpenProcess
SSDT BA757E7D ZwOpenThread
SSDT BA757EB4 ... Read more

18 more replies
Answer Match 44.52%

I am looking for suggestions on which brand of Real time Malware/Virus protection program. We are a non-profit organization running 6 computers. We do run Malwarebytes, but it is the free version, as well as SuperAnti Spyware. Any suggestions?

A:Virus/Malware Protection

Please see: Supplementing your Anti-Virus Program with Anti-Malware ToolsSpyware Terminator offers free real-time protection, although the latest version is more limited than prior releases.After reading that, scroll up to the first topic posting and read Best Practices for Safe Computing - Prevention.

1 more replies
Answer Match 44.52%

I am new at the computer scene and I want to make sure I have the best security possible for free, Of course. I could use any and all pointers on what to have installed and also can someone please tell me what is the best fast & safe browser to use? I have asked several people and received several answers. Heeeeeelllppp...

A:Regarding Best antivirus & malware protection

You ask a common question for which you will receive varying opinions and recommendations.Choosing a security toolkit with anti-virus, firewall and anti-malware programs is a matter of personal preference, your needs, your technical ability and experience, features offered, user friendliness, ease of updating (and upgrading to new program release), ease of installation/removal, available technical support from the vendor and price. Other factors to consider include detection rates and methods, scanning engine effectiveness, how often virus definitions are updated, the amount of resources the program utilizes, how it may affect system performance and what will work best for your system. A particular anti-virus that works well for one person may not work as well for another. You may need to experiment and find the one most suitable for your use and your system. There is no universal "one size fits all" solution that works for everyone.For more specific information to consider, please read:Choosing an Anti-Virus ProgramSupplementing your Anti-Virus Program with Anti-Malware ToolsChoosing a FirewallSame goes for browsers... you will receive varying opinions and recommendations. I prefer to use Firefox.

3 more replies
Answer Match 44.52%

Hi all,

My PC is is/was infected by "Best Malware Protection". I've run Malwarebytes Anti malware and Combofix which seems to gotten rid of the annoying pop-ups - and to all intents and purposes has fixed the problem. I manually removed via HiJackthis's delete on reboot feature the hosts file that was permanently locked.

However when I now run Combofix it still tells me that a real time scanner is active - and tells me it is called Best Malware protection - asks me to disable this before continuing.

I cant seem to disable and am hoping someone can explain what i need to do to remove/disable. Besides this, computer seems to be running fine again.

Thanks everyone,
Mark

A:Infected by Best Malware protection

Sorry - neglected to say am running XP Service Pack 3
Mark

4 more replies
Answer Match 44.52%

....But Kapersky TDSSKiller says I am NOT infected. There is a Privacy Protection Icon on my desktop for pete's sake!!!I have an ASUS Notebook running Windows 7 and the pop up warnings started an hour ago. I clicked on a window to see if this was a windows warning since I have Avast as my Anti-virus program and and I immediately ran a quick scan in Avast and nothing was detected. I then googled Privacy Protection and came here.I have follow all the TDSSKiller instructions twice and nothing. One thing that raised suspision for me was the "run" warning. The name field said: C:\Users\Aric\Desktop\pookie.com\exe .....and the from field said:C:\Users\Aric\Desktop\pookie.com\exe Also the download window did not look the same, it was green and did not have the version numbers on the very top. Please, what do you suggest I do now? I want to hurry and do something before it disables my computer completely.My feeling now is to download the TDSSKiller from a non infected computer to a flash drive an see if it performs differently.Will that work? Why would the TDSSKiller not detect the malware?Gratefully,texasharperEdit: Moved topic from Virus, Trojan, Spyware, and Malware Removal Logs to the more appropriate forum, due to the absence of malware logs. ~ AnimalEdit: Moved topic from Am I infected? What do I do? to the more appropriate forum, with the addition of DDS Log. ~ Animal

A:I KNOW I have Privacy Protection malware

Please take a look here: Remove Privacy Protection (Uninstall Guide)

9 more replies
Answer Match 44.52%

For Anti-Virus I use AVG 8.0

Should I download Avira AntiVir And remove AVG 8.0?

How about for Spyware & Malware?
- I use MalwareBytes

A:Virus/malware Protection?

Hi tia08,Your Anti-virus is fine. It depends your own prefrence. I like AVG 8.0 because it scans for everything and then lets you remove it or not. Avira stops when it finds an infection and lets you deal with it before proceeding. Avira's scan is alot faster than AVG's. For me I still like AVG better. Note: Please do NOT Install more than one Anti-virus programs.How about for Spyware & Malware?- I use MalwareBytesMalwarebytes is a on-demand scanner which is good but it doesn't provide you with real-time protection. I suggust you install Spybot with teatimer or maybe Spywaretermaniator.In addition I recommend Superantispyware along with Spywareblaster.Hope that helps

21 more replies
Answer Match 44.52%

when i finish to update my windows 7 ( After Clean Install) i get this message

can anyone explain me what this message ?

BTW

A:Microsoft Malware Protection

It is some anomaly with Windows Defender setup which should not present further problems.

In fact, install the best free AV for Win7 Microsoft Security Essentials and it will replace Defender.

MSE gives best performance with Win7 Firewall.

1 more replies
Answer Match 44.52%

My Windows security centre shows- under the heading -'Malware Protection'
That windows did not find antivirus software on this computer.
Under this in separate box is the following- Spyware and other malware protection
Windows defender and Mcafee virus scan both report that they are turned on.
Can anybody advise me - my Mcaffe shows that i am protected.

My system is windows Vista Basic.
 

A:Solved: malware protection

Problem solved.-- Uninstalled Mcafee license due to expire anyway.
Installed Avira premium 3mths free promo. Windows security centre now shows all sections protected. I can only assume that Mcafee was effecting it some how.
Thanks for all readers.
 

1 more replies
Answer Match 44.52%

Hi, I posted earlier, awaited GMER then lost my entire post!

In short now:
PC infected with Best Malware Protection & other threats, Adware.MySearch.....and other hijack stuff. Found by running Malwarebytes, found 800+ threats.

Initially ran Malwarebytes and CCleaner and Spybot S&D. Before running these nothing security related could be accessed.

Ran Viruclean and Malwarebytes today, nothing found as of lsat scan.

Problem now, Windows Security Centre shows as Best Malware Protection runing as Firewall and Antivirus even though I have turned them off supposedly.

This runs at start up. Have tried lots of things as well as basic registry editing/removal from advice found on internet, if you need more info pls ask, I did write a v. detailed post and then tried to upload multiple files and it lost it all!

This infected PC is not connected to internet nor does it have any antivirus installed at the moment. Only installed is Malwarebytes and Spybot S&D. I have installed and run all progs for your logs by transferring from my laptop to the infected PC (my friend's PC) via USB.

My friend's PC is the one infected: she used to have AVG 8....., Spyware Blaster, CCleaner, Spybot S&S installed, don't think she ever updated anything, hence, the problem!

Thanks for help in advance. GMER and DDS logs follow.

DDS.txt log:

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by sue casey at 21:09:21.60 on 02/04/2011
Internet Explorer: 8.0.6001.1870... Read more

A:best malware protection virus & others!

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you are unable to create a log because your computer cannot start up successfully please provide detailed information about the Windows version you are using: What we in particular need to know is version, edition and if it is a 32bit or a 64bit system. If you are unsure about any of these caracteristics, just let us know and we'll help you figuring it out. Please also tell us if you have your Windows CD/DVD handy.Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your ... Read more

34 more replies
Answer Match 44.52%

First time poster here!
Thanks for having me....
My old pc was hacked/attacked/destroyed by a virus, keylogger,data thief...aaarrrggghhh.
I have just purchased a new desktop that came with Windows Vista Home Premium 64 bit OS. Here's my issue.

When I log off -shut down my pc & log back in, the Malware Protection @ the Security Center has been turned OFF.

Does anyone have any idea as to why this is happening? I scan as soon as I sign in and this is scaring me to death, especially after what happened to my old pc. The Firewall was constantly "being" turned off old pc.

I was using the highly recommended Trend Micro IS 2008 on my old PC and am now using McAfee through MSN Premium.
I am a novice user and would appreciate any help tips or useful info I can get.
Thanks
Kj

A:Malware Protection Shutting Off????

Try & run an online scan & check if the system is infected or not. And if it is not infected you can try to uninstall & then re-install Mcafee.

2 more replies
Answer Match 44.52%

Hi,

I just put together a new machine with Vista and things actually went very well compared to other machines I have built myself. A couple of things related to security I'm not totally clear on -

When you go to the control panel-security settings, it advises you that the missing piece of Vista security is the virus checker. I did a small amount of research and although I hate to throw even more money at MS, I decided to go with MS Live OneCare (free trial).

Live Onecare was a little confusing to me at first...it seemed to duplicate a lot of things that Vista takes care of, I suppose this makes it look better than it's competitors. From what I understand it overrides the scheduling of the Vista based maintenance items like defrag, update etc.

At the point that I loaded the OS + Office, my compter was blazingly fast, much faster than my work computer which is a 3.0 Gig Pentium 4 (mine is 2.4Gz Core Duo). However, since then almost any operation brings up the "hourglass" for 1-3 secs. I think the only difference is Live OneCare but I need to disable or uninstall it to be sure. Is this just the price you pay for virus protection? I assume work computers are largely protected at the firewall so they will always be faster for a given machine?

Also, another Vista "expert" recommends running Spybot for malware detection. From what little I know however, Spybot is not enough by itself because it is not continuously looking for malware. It is someth... Read more

A:Vista malware protection

If I were you I'd ditch the OneCare and get Antivir for virus protection (for free) or buy Kaspersky AV. Both are highly rated and reccommended by many on this forum. For spyware protection it's reccommended to run more than one program because no single spyware app can catch all the stuff out there. I use Windows Defender and also run SuperAntiSpyware weekly.
 

2 more replies
Answer Match 44.52%

Hi, at the moment I have AVG Internet Security and from my experiences, it seems good for removing simple viruses but after that isnt very useful. What would you say would be the best all round Malware protection software?(I dont mind paying.)
Thanks.

PS - Im in need of a good firewall too :^)

A:I Need Advice On Malware Protection

Choosing a security toolkit with anti-virus, firewall and anti-malware programs is a matter of personal preference, your technical ability and experience, features offered, the amount of resources utilized, how it may affect system performance and what will work best for your system. Other factors to consider include effectiveness, user friendliness, ease of updating, ease of installation and removal. A particular combination that works well for one person may not work as well for another. There is no universal "one size fits all" solution that works for everyone. You may need to experiment and find what is most suitable for your needs. Another factor to consider is whether you want to use paid for products or free alternatives. For more specific information to consider, please read Choosing Your Anti-virus Software.Anti-virus software Comparisons & ReviewsIndependent comparatives of Anti-virus Software <- click on the "Comparatives" link on the leftNerdModo's Top 10 Antivirus SoftwareBest Antivirus Software - Editor's ChoiceTopTen Review: AntiVirus Software Product Comparisonsgizmo's Best Free Antivirus SoftwareAntiVirus Software Comparative Malware Removal TestsThese types of comparative testing results will vary depending on who is doing the testing, what they are testing for, what versions of anti-virus software is being tested, etc. There are no universally predefined set of standards/criteria for testing and each test will yield different resu... Read more

1 more replies
Answer Match 44.52%

I have a post here: http://www.bleepingcomputer.com/forums/t/311540/how-do-you-bill-charge-for-malware-removal-and-computer-updates/ that discusses the aspects of how you would bill a customer when you have done a malware removal and complete update / protection of system that takes many hours to complete.One of the things I note in that post is there would likely be comments on what you would do to speed up the process or how you would go about doing it to keep the total hours down to a minimum.What I would like to discuss here is how and what do you do to keep the total number of hours down when you are doing a complete malware cleaning of a unit with your average to tough malware as well as when you are having to completely update the OS (service packs), install anti-malware tools, update programs, and etc to make the system as defensive as you can for your customer.Let me give some examples from the other post and then please give feedback on how you handle these situations.Let's say I have a client with a personal computer. They have 80GB of actual data all on the same drive as the OS, they have very little protection in place, their OS is multiple service packs behind, and they have multiple unknown pieces of malware on the system.So let's say you go through the normal process of running the 2 to x number of tools you normally would run to clear of malware. You also go through your own personal investigation to catch things not found by the anti-malware tools. You then ... Read more

More replies
Answer Match 44.52%

I recently learned that the two programs, I thought were virus/malware protectors, were actually only virus/malware removers.

Can anyone recommend me two virus/malware protection software.
- Hopefully the two programs don't interfere with eachother.
- They are good protectors.
- They are free.

So, can anyone recommend two programs with the above preferences?
 

A:Virus/Malware Protection

9 more replies
Answer Match 44.52%

Okay so about 5 days ago I figured out that I had a Privacy Protection virus. I immediately went to my iphone and looked for help, since I could not connect to the internet via my computer. I found this guide from this website http://www.bleepingcomputer.com/virus-removal/remove-privacy-protection and followed its stepsbut I am still unable to connect to the internet so that I can update Malwarebites so that it can completely get rid of the virus. So what I need is help restoring my ability to connect to the internet so that I can update maleware bites, any help greatly appreciated.

A:Privacy Protection Malware HELP PLEASE

Welcome aboard Download Security Check from HERE, and save it to your Desktop. * Double-click SecurityCheck.exe * Follow the onscreen instructions inside of the black box. * A Notepad document should open automatically called checkup.txt; please post the contents of that document.=============================================================================Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Users, Partitions and Memory sizeClick Go and post the result.=============================================================================Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop. * Double-click mbam-setup.exe and follow the prompts to install the program. * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. * If an update is found, it will download and install the latest version. * Once the program has loaded, select Perform quick scan, then click Scan. * When the scan is complete, click OK, then Show Results to view the results. * Be sure that everything is checked, and click Remove Selected. * When completed, a log will open in Notepad. * Post the log back here.Be sure to restart th... Read more

7 more replies
Answer Match 44.52%

Hi all,
Requested Files attached

Original post below:
My PC is is/was infected by "Best Malware Protection". I've run Malwarebytes Anti malware and Combofix which seems to gotten rid of the annoying pop-ups - and to all intents and purposes has fixed the problem. I manually removed via HiJackthis's delete on reboot feature the hosts file that was permanently locked.

However when I now run Combofix it still tells me that a real time scanner is active - and tells me it is called Best Malware protection - asks me to disable this before continuing.

I cant seem to disable and am hoping someone can explain what i need to do to remove/disable. Besides this, computer seems to be running fine again.

Thanks everyone,
Mark

A:Best Malware Protection removal

Hello and welcome to the forums!My secret agent name on the forums is SweetTech (you can call me ST for short), it's a pleasure to meet you. I am very sorry for the delay in responding, but as you can see we are at the moment being flooded with logs which, when paired with the never-ending shortage of helpers, resulted in the delayed responding to your thread.I would be glad to take a look at your log and help you with solving any malware problems.If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed. If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator!
Do not d... Read more

2 more replies
Answer Match 44.52%

Get the latest definitions - Microsoft Malware Protection Center
Hopefully this site hasnt been hijacked, but as of friday evening, i have not found one update to this MS program.
Definition Change Log is the same one that i downloaded on Friday the 25th of Sept. i.e., Ver. 1.67.62.0
Would anyone know if the site is down, or has MY listing for this site been hijacked...
thanks for any info.
jakeers

A:MS Malware Protection Center

Hi

the site is up and the virus defs are the ones from the 25th. my mse defs are 167.130.0 and were updated on the 27th

ken

6 more replies
Answer Match 44.52%

This program continuously pops-up warnings about infections and trojans, wants me to download its software to "correct" (I haven't). Below is the DDL log, attached is the ark.txt log.

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by pasquale piscitelle at 15:56:59.82 on Sun 05/01/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.992.690 [GMT -4:00]
.
AV: Best Malware Protection *Enabled/Updated* {ABF9A7D4-391C-4281-A67C-B29DAB3938B5}
FW: Best Malware Protection *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\iPod\bin\iPodService.exe
C:\Docume... Read more

A:Best Malware Protection loaded itself

Please ignore this request for now, a local computer shop may be able to help. If I need assiatance, I will re-post. Thanks

2 more replies
Answer Match 44.52%

.
DDS (Ver_11-03-05.01) - NTFSx86 NETWORK
Run by Kober at 15:17:25.66 on Sun 04/03/2011
Internet Explorer: 8.0.6001.19019
Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.1.1033.18.3518.2917 [GMT -4:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Pro... Read more

A:Antivirus Protection Malware

Hello tkober , Welcome to Bleeping Computer.
My name is fireman4it and I will be helping you with your Malware problem.

Please take note of some guidelines for this fix:
Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.
If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
Finally, please reply using the button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.1.We need to disable your Windows Defender Real-time Protection as it may interfere with the fixes that we need to make. Open Windows Defender. Click on Tools, General Settings. Scroll down and uncheck Turn on real-time protection (recommended). After you uncheck this, click on the Save button and close Windows Defender.After all of the fixes are complete it is very important that you enable Real-time Protection again.2.Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!Be sure to download TDSSKiller.exe (v2.4.0.0) from Kaspersky's website and not TDSSKiller.zip which appears to be ... Read more

17 more replies
Answer Match 44.52%

So, my kid comes to me and says, "Dad, help. I was online and suddenly popups started appearing saying the computer is infected with two viruses, and it's running a scan." Lickety-split I'm in the office and sure enough "Malware Protection" is on the screen apparently running a scan. The problem is, I never loaded it onto my computer. That's for another day though...

The result is that I get continually rotating notification balloons in the bottom right hand corner of the screen that tell me, "File (such and such)
is infected by W2/Blaster.worm. Please activate Malware Protection to protect your computer." Being careful not to start any executable files or enter any personal information, I moved forward to see what activating it entailed. And of course it wants my personal information.

I cannot turn it off. I cannot uninstall it. It won't allow me to open the Task Manager. And here comes the worst part: it won't let me connect to the internet through either FireFox or Internet Explorer. So I'm sending this from a different computer.

Additionally, there is a larger popup saying, "FIREWALL WARNING. Hidden file transfer to remote host has been detected." It then recommends you block the transfer and asks you to choose to Block or Allow. Allow simply closes the popup for a little while. Block brings you again to a screen that asks you to activate the program.

Essentially, I can't use my computer at all for ... Read more

A:"Malware Protection" Virus

Had same problem as well. Was able to halt it by disconnecting from the internet and starting task manager immediately after logging into the computer, working quickly to stop processes related to it. Cannot recall name of process exactly, but I believe it started with a "u" and "*32" was at the end. There were several of the particular process. Doing this allowed me to run previously inaccessible programs, including system restore. Seems to be gone now.

10 more replies
Answer Match 44.52%

Hello guyz,

Today accidentally installed Internet protection programm which is starting with windows and poping up each 2 mins with warning about viruses, key loggers and so on. So i searched about fix to this and i found ur homepage, i did everything as written and after rebooting my pc nothing has changed, so im actually thinking about reinstalling windows.
What i did was:

Went in to safe mode + networking.
Downloaded and run Rkill (wich kinda worked after the process got txt file)
downloaded Malware-antibytes and ofc run it too ( found me some 5 infected files which i deleted but as i already mentioned above didnt change anything.) Did it even for several times and still nothing.

More replies
Answer Match 44.52%

Hello,

I have an HP Laptop that was recently infected with some malware. A friend helped me out and installed a few items, which seemed to be a temporary fix, because a few days later I kept getting this Privacy Protection window that looked like it was scanning. It also prevented me from opening any programs, and would show a small bubble stating that the .exe file could not be opened.

Thank you in advance for any, and all, of your help.

Thanks again.

Logs:


.
DDS (Ver_2011-08-26.01) - NTFSAMD64 NETWORK
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_24
Run by Priya Rastogi at 21:59:09 on 2011-11-24
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3895.3191 [GMT -5:00]
.
AV: Symantec Endpoint Protection *Enabled/Outdated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Symantec Endpoint Protection *Enabled/Outdated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Symantec Endpoint Protection *Enabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalS... Read more

A:Privacy Protection Malware???

Welcome to TSF

We will begin with ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

A guide and tutorial on using ComboFix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
See this link for instructions on how to do this:
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Please include the C:\ComboFix.txt in your next reply for further review.

16 more replies
Answer Match 44.52%

Currently.. All i am running is The Windows Def. The windows firewall(one that came with computer) and AVG Free version. But someone said something about spyware? Malware protection? And btw... i DO-NOT trust Malwarebytes Anti-Malware anymore. My dads friend had the free version on his computer and when he came over, (my wireless internet has super duper scanners built in)(my dad's business servers r at our basement) so it scanned my dads friends laptop, and their was like some sort of worm/trojan -like thing inside of malwarebytes anti-malware! So i just dont trust it! But all i got is -->

AVG Free, Windows Def, and normal Windows firewall. Any advice for Malware protetion/spyware stuff? OR is anti-spyware built-into AVG?

A:Malware PRotection/Spyware?

I suggest, & recommend you investigate SuperAntiSpyware. [ Their support is excellent too.]

SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!


SUPERAntiSpyware.com &bull; Index page

17 more replies