Search Results

Search found 1209 results on 49 pages for 'malware removal'.

Page 12/49 | < Previous Page | 8 9 10 11 12 13 14 15 16 17 18 19  | Next Page >

  • What the hell was THAT?!?

    - by Massimo
    My system is Windows XP SP3, updated with the latest patches. The PC is connected to a Cisco 877 ADSL router, which does NAT from the internal network to its single static public IP address. There are no forwarded ports, and the router's management console can only be accessed from the inside. I was doing two things: working on a remote office machine via VPN and browsing some web pages on the Cisco web site. The remote network is absolutely safe (it's a lab network, four virtual servers, no publicly accessible services and no users at all; also, none of what I'm going to describe ever happened there). The Cisco web site... well, I suppose is quite safe, too. Suddenly, something happened. Strange popups appears anywhere; programs claiming they're "antimalware", "antispyware" et so on begins autoinstalling; fake Windows Update and Security Center icons pop up in the system tray. svchost.exe began crashing repeatedly. Then, finally, after some minutes of this... BSOD. And, upon rebooting, BSOD again. Even in safe mode. Ok, that was obviously some virus/trojan/whatever. I had to install a new copy of Windows on another partition to clean things up. I found strange executables, services and DLLs almost anywhere. Amongst the other things, user32.dll and ndis.sys had been replaced. A fake software called "Antimalware Doctor" had been installed. There were services with completely random names or even GUIDs (!), and also ones called "IpSect" and "Darkness". There were executable files without an .exe extension. There were even two boot-class drivers, which I'm quite sure are the ones that finally caused the system to crash. A true massacre. Ok, now the questions: What the hell was that?!? It was something more than a simple virus! How did it manage to attack my computer, as I am behind a firewall and was not doing anything even only potentially harmful on the web at the time?

    Read the article

  • USB drive gets infected every time I plug it into my laptop

    - by ashwnacharya
    Whenever I plug in my USB flash drive into my laptop running Windows XP, an AutoRun.inf file gets created inside it. Also a hidden folder called "Cache" which uses the Recycle bin icon gets created. AutoRUn.inf file cannot be opened in Windows. Both the Autorun.inf file and the "Cache" folder cannot be deleted. I opened the AutoRun.inf file using Ubuntu. I saw that it is trying to run a file Cache\TMP983.exe. I ran all anti-spywares, anti-malwares, anti-viruses, USB autorun eaters, but to no avail. How do I fix this?

    Read the article

  • Is free security software as good as paid security software?

    - by Tester101
    I mostly use free security solutions to protect my home PC, but I wonder if I would get better protection from a paid solution. I prefer the free software, since I can have multiple applications protecting against different threats. With paid software I feel like I have to choose just one, and hope it can protect against everything. Is it worth it to pay for security when there are free options?

    Read the article

  • Strange email coming from/to my computer

    - by Micah
    I'm running smtp4dev on my machine to trap anything going in/out of my computer on port 25 for testing purposes. Every so often this email gets trapped and I have no idea what it's from. I have Microsoft Security Essentials running on my machine and it hasn't identified and viruses or anything so I'm not sure what's going on. Here's the content of the message: Received: from [125.180.72.4] by 173.162.7.130 SMTP id O2Ncv62Ghig1vR for <[email protected]>; Fri, 24 Jun 2011 20:36:15 +0200 Received: from [125.180.72.4] by 173.162.7.130 SMTP id O2Ncv62Ghig1vR for <[email protected]>; Fri, 24 Jun 2011 20:36:15 +0200 Message-ID: <[email protected]> From: "" <[email protected]> To: <[email protected]> Subject: BC_173.162.7.130 Date: Fri, 24 Jun 11 20:36:15 GMT MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_000D_01C2CC60.49F4EC70"

    Read the article

  • How does Antimalware Doctor infect computers?

    - by Pyrolistical
    I didn't do anything stupid like run random .exe or visit questionable websites, but as I was just Googling I get infected by Antimalware Doctor. At that point I just shutdown my computer and reformatted, so I didn't check if I had the latest version of Flash or Firefox. Is it possible to get infected just because I didn't have my Flash newer than 10.1 and some random flash ad infected me? There doesn't seem to be any information on how Antimalware Doctor works asides from how to remove it.

    Read the article

  • How did what appears to be a virus get on my computer? (explanation of situation enclosed)

    - by Massimo
    My system is Windows XP SP3, updated with the latest patches. The PC is connected to a Cisco 877 ADSL router, which does NAT from the internal network to its single static public IP address. There are no forwarded ports, and the router's management console can only be accessed from the inside. I was doing two things: working on a remote office machine via VPN and browsing some web pages on the Cisco web site. The remote network is absolutely safe (it's a lab network, four virtual servers, no publicly accessible services and no users at all; also, none of what I'm going to describe ever happened there). The Cisco web site... well, I suppose is quite safe, too. Suddenly, something happened. Strange popups appears anywhere; programs claiming they're "antimalware", "antispyware" et so on begins autoinstalling; fake Windows Update and Security Center icons pop up in the system tray. svchost.exe began crashing repeatedly. Then, finally, after some minutes of this... BSOD. And, upon rebooting, BSOD again. Even in safe mode. Ok, that was obviously some virus/trojan/whatever. I had to install a new copy of Windows on another partition to clean things up. I found strange executables, services and DLLs almost anywhere. Amongst the other things, user32.dll and ndis.sys had been replaced. A fake software called "Antimalware Doctor" had been installed. There were services with completely random names or even GUIDs (!), and also ones called "IpSect" and "Darkness". There were executable files without an .exe extension. There were even two boot-class drivers, which I'm quite sure are the ones that finally caused the system to crash. A true massacre. Ok, now the questions: What the hell was that?!? It was something more than a simple virus! How did it manage to attack my computer, as I am behind a firewall and was not doing anything even only potentially harmful on the web at the time?

    Read the article

  • How do I properly check if a program is a virus/trojan in VMware?

    - by acidzombie24
    How I should check if a program is a virus in VMware? Some programs I do need admin ability to install and it makes sense. But how do I know if it's doing more than I want? Some thoughts are: How many processes open when I launch the application What is added to the startup tab in msconfig If any services are added. That's pretty much all my ideas. Even if it does something I recognize I wouldn't know if it's necessary or not. What are some rule of thumb? -Edit- What about registries, can I use that information to help? Maybe have a scanner tell me if the application I just used has messed with sections (like bootup) it shouldn't have?

    Read the article

  • How can I automatically require a password when connecting to a WD MyBookLive?

    - by user-123
    I have created a user which has specific privileges to access the shares on our WD MyBookLive Network drive (ie it requires a password to connect), however after connecting once Windows seems to remember the password (or at least for the rest of the session). How can I make it so it is necessary to require a password every time the user connects to the drive or makes some change on Windows? I am particularly thinking of Cryptolocker and other variants of "ransomeware" which will try and connect to the drive and encrypt it.

    Read the article

  • Can't open Control Panel or IE

    - by Josh
    I have a XP computer where when ever I try to open Control Panel nothing happens, nothing flashes on the screen. Same thing with Internet Explorer. I've scanned the computer with Malwarebytes and Avast, Malwaresbytes found some Adware which it removed without problems. Avast found nothing. I looked at the running processes with Process Explorer, nothing malicious running. And looked at a Process Monitor output when I tried to run IE, nothing obviously wrong. The process just decides to exit. What can I try next? I would suspect corrupt IE install but Control Panel doesn't work either. UPDATE: Nether work in Safe Mode under the user account. (only 1 user on the computer) But in Safe Mode, under the built in Administrator account, they work. So what ever is broken, is only broken in the one account. Anything under the HKCU registry key that could break this?

    Read the article

  • md5sum or sha1sum of legitmate microsoft system files

    - by martyvis
    Is there a database or repository of the legitimate checksums for Microsoft system files? We think we have a 0day on DNS for Windows 2003 SP2 using IRC for command and control. (Latest McAfee does not see an issue). I want to compare our customer's dns.exe and associated DLLs with the real ones. (I will grab a fresh SP2 and hotfixed system to do this, but wonder how to do this in future without needed to do this.)

    Read the article

  • Tracing what program is making a network connnection? (CentOS)

    - by Airjoe
    I was wondering if it is possible to find out which process is trying to make a specific network connection. On a server I support which hosts websites for about 200 users, the iptables firewall keeps blocking, as it should, a connection to 212.117.169.139 on port 80. Firefox reports this as an attack page (and at the least is obvious spam, if not malicious). It seems something on this server is trying to access this site for some reason, and although it's being blocked successfully, the requests seem to be going through every two to sixty seconds and I'd like to be able to find what process or script is doing this so I can handle it appropriately. Besides doing a grep to try and find if this IP is in some file (which probably won't even work because it may be working by hostname or it may be encoded), is there any way to find out some more information? Thanks!

    Read the article

  • Strange ports on default install of W7

    - by Sabre
    I have a base new install of windows 7, and when I went to look for something else I saw the attached netstat output. What concerns me is that this is Windows + Truecrypt + drivers, nothing else installed. The sequential high ranged ports belonging to several different seemingly not out of place services seemed odd. So I torched the install, used Active@ to scrub the disk, re-downloaded the ISO from MSDN, and did a fresh reinstall, viola, they are there again. It just seems out of place, I have seen a many netstats over the years, this one just strikes me as odd, so I started thinking rootkit? (JUst FYI, when I reloaded I named the machine "Error" so that is why the task manager reads the computer name as such.) So I would like to know if anyone else could explain it, and therefore is may be normal, or would they be worried as well, and should I start considering I have some very strange thing occuring on my network?

    Read the article

  • File types and locations (if any) to exclude from AntiVirus scanning?

    - by CAD bloke
    Should I add any file types to my anti-virus's file type exclusion list? If so, which types? Should I add any locations (specifically for Windows 7) to an exclusion list? If so, which locations? Google found me a few references like http://support.microsoft.com/kb/822158 http://support.microsoft.com/kb/943556 and some site purporting to conduct expert sex changes but haven't found anything particularly confidence-inspiring.

    Read the article

  • What are the most common dangerous domains that I should block?

    - by Dalia
    I am trying to configure my wireless router to block domains that are potentially dangerous to privacy, security, and bandwidth-hogs. Is there a list of domains that I can block at the router level? On a machine level, I have set the hosts file from www.mvps.org and that works on my machine. However, I want to implement something at the router level too - so that all computers in my household are somewhat protected.

    Read the article

  • Browser keeps being really rude to me today

    - by j-t-s
    Hi All I've had this problem only once before, years ago. I bought a new computer the other day and last night I visited a website which Google Chrome suspected was an insecure site. So I proceeded to view the page anyway (Stupid, I know... But I was curious), and all of a sudden the window closed and ever since, every few minutes either Google chrome or Internet Explorer keeps popping up with random websites, most of which are porn-related sites. I have downloaded ZoneAlarm, IOBit 360, Eset Smart Security and none of them reported any problems. I still have the rube browser problem. Can somebody please suggest any software/ways to fix this? (Other than to reformat please :)) Thank you :)

    Read the article

  • Unidentified Window OnStartup

    - by CMP
    Every time I start up windows vista lately, I see a random floating window. It is a tiny little window with no title, and only the resize, maximize and restore buttons. I'd post an image, but I don't have reputation here yet. I can close it, and it does indeed go away, but I would love to figure out what it is and stop it from popping up at all. I used Autohotkey's window spy on it and all I learned is that it is a swing window, which doesn't help me out a whole lot. Is there a good way to identify which process it belongs to and figure out how to kill it?

    Read the article

  • Monitor programs accessing my keyboard?

    - by Anti Earth
    As of a few days ago, my computer is behaving 'erratically'. When I am typing, my pointer will randomly move to another place in the text and start typing a semi-random string of characters. ("gvyfn" is common; It has typed this about 8 times whilst I composed all the text above) It often highlights part of or all the text and overwrites it. It sometimes goes into loops of pressing Control-alt-delete down, bringing up Windows 7 menu thing. It sometimes even messes with mouseclicks; they have unexpected results, like requesting admin priveledges from applications, instead of switching to their window. I believe this is because it is holding a alt-function key down. This behaviour happens periodically, in waves. It might subside for an hour, then continue to haunt me. I believe it to be a virus or malicious program. My anti-virus (Symantec) and multiply MS rootkit removers could not find anything suspicious. I've noticed that sometimes it re-maps keys, and types gibberish when I press certain keys (though no pattern is evident). I believe a malicious program has installed a keyhook on my computer. I'm wondering... - Is there a way to let me view which programs are emulating keystrokes? - Is there a way to view what keyboard hooks are installed? (I'm also at liberty to try any other techniques to remove this blasted thing. It is easily the most fustrating computer problem I've encountered). Thanks!

    Read the article

  • All PHP files getting hacked

    - by nsearle
    Hey All, Like always, just want to say thank you for all of the help and input in advance. I have a particular site that I am the web developer for and am running into a unique problem. It seems that somehow something is getting into every single PHP file on my site and adding some malware code. I have deleted the code from every page multiple times and changed FTP and DB passwords, but to no avail. The code that is added looks like this - eval(base64_decode(string)) - which the string is 3024 characters. Not sure if anyone else has ran into this problem or if any one has ideas on how I can secure my php code up. Thanks again.

    Read the article

  • what does this attempted trojan horse code do?

    - by bstullkid
    It looks like this just sends a ping, but whats the point of that when you can just use ping? /* WARNING: this is someone's attempt at writing a malware trojan. Do not compile and *definitely* don't install. I added an exit as the first line to avoid mishaps - msw */ int main (int argc, char *argv[]) { exit(1); unsigned int pid = 0; char buffer[2]; char *args[] = { "/bin/ping", "-c", "5", NULL, NULL }; if (argc != 2) return 0; args[3] = strdup(argv[1]); for (;;) { gets(buffer); /* FTW */ if (buffer[0] == 0x6e) break; switch (pid = fork()) { case -1: printf("Error Forking\n"); exit(255); case 0: execvp(args[0], args); exit(1); default: break; } } return 255; }

    Read the article

  • Uninstall mysql completely windows 7

    - by cestmoimarin
    Greetings, I understand that this questions has been asked twice. However the answer is not there. I've removed all mysql in registry via regedit that I could find. I made programdata folder visible, deleted mysql folder that's there. Windows 7 doesn't have a very good 'grep' equivalent that I could use. I tried using powershell to find any hidden files but it requires digital signatures which I do not know how to create. Besides windows restore, is there any other way I can force my old 'invisible' mysql 5.1.40 to disappear? I want to try and install mysql via other ways, I'm not sure how to use cmake though to compile the code.

    Read the article

  • How to remove google ads virus in Internet Explorer?

    - by msbg
    I picked up some adware that adds irrelevant advertisements to Google and Wikipedia. I have scanned with MalwareBytes, Windows Defender (Which is the same as MSE in Windows 8), Ad Aware, Spybot, and McAfee, which found no results. This only occurs in Internet Explorer 10, not in Firefox or Iron. I would like to keep IE10, I think it is a major improvement from previous versions. Any ideas on how to remove the adware?

    Read the article

  • how to remove leading whitespace from filenames/folders snow?

    - by timoto
    how do I remove leading whitespace from filenames/folders in OSX snow ? As provided below by Lri I was able to remove trailing whitespace using this #!/bin/bash IFS=$'\n' for d in {1..9}; do find ~/Desktop -name '* ' -depth $d | while read f; do mv "$f" "$(sed 's/ *$//' <<< "$f")" done done Now I'm trying to remove leading whitespace with this #!/bin/bash IFS=$'\n' for d in {1..9}; do find ~/Desktop -name '* ' -depth $d | while read f; do mv "$f" "$(sed 's/^ *//;s/ *$//' <<< "$f")" done done but it doesn't work. What am I doing wrong ?

    Read the article

< Previous Page | 8 9 10 11 12 13 14 15 16 17 18 19  | Next Page >