Infection possible banker

Hi all
Our PC has recently been running really slow and has started to refuse to run Windows defender but also make great desktop icons. We entered the code above in the database of virus of Microsoft, he suggested that there could be a 'banker'-l' type infection.  We have no idea if this is the case and how to clean.  I have malwarebytes on the system as well as AVG. These services did not find anything else that Windows One Care if is, she could not cleaned the registry key however. Anyone have any suggestions on how to make our new PC well?
Thank you very much.
Our system uses XP


Through these generals the malware removal not systematically -

Include analysis with David Lipman's Multi_AV of and follow the instructions to do all scans in Mode without failure. Read the Special Notes about the use of Multi_AV in Vista. - instructions - download link and further instructions

When it failed, download Guided Help. Choose one of the specialty forums listed on the first link. Save and read his FAQ display. PLEASE DO NOT DISTRIBUTE NEWSPAPERS IN MS FORUMS

If you can't do the work yourself (and there is no shame in admitting this isn't your cup of tea), take the machine to a professional computer repair shop (not your local equivalent of BigComputerStore/GeekSquad). Please be aware that not all shops are skilled at removing malware, and even if they are, your computer may be so infested that Windows will have to be properly installed. If possible, have all your data backed up before taking the machine into a shop.
MS - MVP - Elephant Boy computers - don't panic!

Tags: Windows

Similar Questions

  • MacBook Pro slow since El Capitan upgrade

    Hello - My machine is several seconds or laggy since update to El Capitan.  I have done first aid in the new disk utility and restarted several times with a few improvements, but things are still running slower than on Yosemite.  Any ideas?  Here is my EtreCheck:

    EtreCheck version: 2.7.2 (232)

    Report generated 2016-01-15 23:14:26

    Download EtreCheck

    Time 01:27

    Performance: Excellent

    Click the [Support] links to help with non-Apple products.

    Click the [details] links for more information on this line.

    Click the [Scan for adware] links help to remove the adware.

    Problem: The computer is too slow

    Hardware information: ⓘ

    MacBook Pro (15-inch, mid-2012)

    [Technical details] - [User Guide] - [Warranty & Service]

    MacBook Pro - model: MacBookPro9, 1

    1 2.6 GHz Intel Core i7 CPU: 4 strands

    8 GB of RAM expandable - [Instructions]

    BANK 0/DIMM0

    OK 4 GB DDR3 1600 MHz

    BANK 1/DIMM0

    OK 4 GB DDR3 1600 MHz

    Bluetooth: Good - transfer/Airdrop2 taken in charge

    Wireless: en1: 802.11 a/b/g/n

    Battery: Health = Normal - Cycle count = 1487 - SN = D86225200GKDGDLBQ

    Video information: ⓘ

    Graphics Intel HD 4000

    Color LCD 1680 x 1050

    NVIDIA GeForce GT 650M - VRAM: 1024 MB

    System software: ⓘ

    OS X El Capitan 10.11.2 15 c (50) - since startup time: less than an hour

    Disk information: ⓘ

    SM128E SSD APPLE disk0: (121,33 GB) (Solid State - TRIM: Yes)

    EFI (disk0s1) : 210 MB

    HD (disk0s3) [recovery] recovery: 650 MB

    MacBook Pro (disk1) /: 120,10 (Go 24,28 free)

    Storage of carrots: disk0s2 120.47 GB Online


    USB information: ⓘ

    Apple Inc. FaceTime HD camera (built-in)

    Apple Inc. Apple keyboard / Trackpad

    Computer, Inc. Apple IR receiver.

    Apple Inc. BRCM20702 hub.

    Apple Inc. Bluetooth USB host controller.

    Information crush: ⓘ

    Apple Inc. Thunderbolt_bus.

    Goalkeeper: ⓘ

    Mac App Store and identified developers

    Adware: ⓘ

    Adware infection possible. [Search the adware]

    Kernel Extensions: ⓘ

    / System/Library/Extensions

    com.Focusrite.driver.usb2audio [no charge] (1.5-10.6 SDK) [Support]

    Launch officers: ⓘ

    [ongoing] [Support]

    ✓ - Updater.plist [loading] [Support]

    Launch of the demons: ⓘ

    ✓ com.adobe.fpsaud.plist [loading] [Support]

    ✓ com.barebones.authd.plist [loading] [Support]

    ✓ com.bombich.ccc.plist [loading] [Support]

    ✓ com.bombich.ccchelper.plist [loading] [Support]

    ✓ [ongoing] com.cleverfiles.cfbackd.plist [Support]

    ✓ com.malwarebytes.MBAMHelperTool.plist [loading] [Support]

    ✓ - Tool.plist [loading] [Support]

    org.tcpdump.chmod_bpf.plist [loading] [Support]

    Launch User Agents: ⓘ

    ✓ [loading] [Support]

    [ongoing] org.XBMC.helper.plist [Support]

    User login items: ⓘ

    iTunesHelper Application (/ Applications/

    Find another shortcut to file Application (/ Applications/Utilities/find all all file)

    Other applications: ⓘ



    [ongoing] com.etresoft.EtreCheck.12512

    [ongoing] org.Mozilla.Firefox.53472

    [ongoing] org.Tempel.findanyfile.hotkey.74592

    Internet Plug-ins: ⓘ

    FlashPlayer - 10.6: Version: - 10.6 SDK [Support]

    QuickTime Plugin: Version: 7.7.3

    Flash Player: Version: - 10.6 SDK [Support]

    Default browser: Version: 601 - SDK 10.11

    PepperFlashPlayer: Version: - 10.6 SDK [Support]

    Silverlight: Version: 5.1.40728.0 - 10.6 SDK [Support]

    JavaAppletPlugin: Version: version check Java 8 66 17 construction update

    The Safari Extensions: ⓘ



    Audio plug-ins: ⓘ

    DVCPROHDAudio: Version: 1.3.2

    3rd party preference panes: ⓘ

    Flash Player [Support]

    Java [Support]

    Time Machine: ⓘ

    Skip system files: No.

    Mobile backups: OFF

    Automatic backup: NON - automatic backup disabled

    Volumes to back up:

    MacBook Pro: Disc size: 120,10 GB disc used: 95,82 GB


    MBP-backup [Local]

    Total size: 142,21 GB

    Total number of backups: 5

    An older backup: 29/04/14, 15:43

    Last backup: 04/12/14, 12:09 AM

    Backup disk size: too small

    Backup size 142,21 GB< (disk="" used="" 95.82="" gb="" x="">

    Top of page process CPU: ⓘ

    Firefox 8%

    6% WindowServer

    4% kernel_task

    3% hidd

    1% fontd

    Top of the process of memory: ⓘ

    675 MB kernel_task

    500 MB firefox

    Ocspd 238 MB

    ICDD 164 MB

    156MO WindowServer

    Information about virtual memory: ⓘ

    1.61 GB of free RAM

    6.38 GB used RAM (1.76 GB being cached)

    Used Swap 0 B

    Diagnostic information: ⓘ

    January 15, 2016, 23:04:59 self-test - spent

    January 15, 2016, 21:34:02 /Library/Logs/DiagnosticReports/Mail_2016-01-15-213402_[redacted].hang


    January 15, 2016, 21:09:17 ~/Library/Logs/DiagnosticReports/pkd_2016-01-15-210917_[redacted].crash

    / usr/libexec/PKD

    Try a boot course and see there is a difference:

    Thought that it reads 'normal', in 1487 cycles a battery is warranted.  Stacks of old, used often expand and can damage a MBP.


  • Help with shortcuts removed/dead and weird Windows Update

    OK, so some time so that I was on vacation, my om used my PC in about 5 min to do something I told him to do. And somehave, when I returned, all the buttons in the start menu under the 'Connect to' or wathever is blocked. Whenever I press them, Windows is opening an empty window. Like all empty them, no text at all. And shortcuts (those in the lower-right corner) died too, all of them.  In addition to the Windows Update, its quite weird. When I open and select 'Install updates' (because I turned off auto update), he did his thing and goes to the classic blue/green start with updated text. And stays there. Can use hours and get back, and it is screwed up and before it resets the fact again. And once again. And once again. Help!

    We need to know some info on your system.  What version of level pack Windows\service are you running?  What error codes do you receive?  Questions you have indicated, I would look for in an infection possible virus\malware.  You should take a look at this thread: Mike to get rid of malware – Microsoft answers Support Engineer
    Visit our Microsoft answers feedback Forum and let us know what you think.

  • ERROR Ox8007005


    I am trying to download tvmc to windows vista, and towards the end of the installation, I get "error opening file for writing" c:\windows\TEMP\vc2013\vcredist_x86.exe

    Please give advice on how should I proceed to correct the problem.

    Thank you very much.

    error 0 x 8007005 very strongly suggest that you see the effects of a current malware infection, possibly - long.

  • "Post work site" screen that appears when the computer is started

    I just bought a computer and after having turned it on, I have 4 windows to appear on my screen and I can't seem to get their past:

    (1) X:windows\system32\cmd.exe-startnet.cmd--> within this window is written windows\system32 > wpeinit

    (2) X:windows\system32\cmd.exe

    (3) STRIP Workstation build 60--> this window asks me to enter a user Installer ID and PW, an install server, select a category of workstation (remote BAND Colocated, BAND strengthened, band, BAND SSWB)

    (4) paper packaging--> says 'collection building Info '.

    I see a possible Bank of America Logo background is the upper right corner, this computer is refurbished, but does that mean I can't ignore such things and get started? It won't let me shut down screen #3 until I get a username and ive treid to make things for the field, but he will not accept them.

    Any suggestions?

    Hello adatiaH,

    These are the only screens that come up?

    Are we able to get to a command prompt?

    If so, what is the machine returns when we type the following command followed by ?


    EDIT: also, I wanted to ask a few other questions:

    1. You mentioned that you thought that this machine has been renovated.  Where did this come from?
    2. Using Windows PE in your environment?

    If this machine was purchased just, it seems that there are traces of its former owners out there.  As is the case, you should probably format the machine and reinstall Windows later.

    Let us know.

    Best regards


  • 'iPhone has been severely infected by viruses -' is this possible?

    Surf the internet (safari) pops up a window that says that the iPhone has been severely infected by viruses (respectively 7) and I have to follow the instructions to repair the phone. Is this possible or is it a fake?


    No, there is no virus in the wild for iOS. This popup is just a scam to try to get you to reveal personal information. Quit Safari and go to safari settings and delete cookies and clear history and cache.

  • Is it possible to send money directly to the bank account of the friend using apple pay?

    I think that I heard that it will soon be possible to send money directly from my bank account to bank account a friend with us using apple two pay.

    Is this true? And if it is, when can we do this? Or is this already available?

    Thank you!

    No, until Apple made the announcement, no one knows.

  • all my Start menu programs were dashed when cleaning an infection on my XP PC. The computer starts well. Is it possible to restore program shortcuts

    My PC has been infected evil and right after that I typed my password, some malware would take over. I was able to use Avast to get rid of the infection, but now when I go into my Start menu there is no visible shortcuts, and when I click on the programs of the window is empty. Is it possible to restore the programs in the program menu.


    These problems occur if the value of the Start Menu common registry entry is inaccessible or if the value is not valid. In this case, Windows XP cannot initialize the shell program.

    The fix of the below article can be useful.

    When you point to "Programs" on a Windows XP-based computer, the program list does not appear, or the list of programs is empty

  • Sharing a connection with a possibly infected PC.

    I have two computers, one of them may be infected.

    If I use a hub to share the network connection (plug my modem cable to the hub and then connect each PC in this hub) and a KVM switch allows you to share external peripherals such as mouse, keyboard and monitor, will I have the own computer infected too?

    I don't have a local network (actually I don't know exactly what is a LAN, but I guess that's something that needs to be put in place).

    The own PC is a Vista, the other is an XP.

    Thanks for your help.

    TI computers are connected and sharing of files, then it is possible that infection from spreading (and it seems that you only use the hub/switch by your internet connection, I need you to confirm that) NEVER move you files between two computers by any connection you set up - is that correct?   It seems relatively safe only share the internet connection (assuming that's it, that is - if you also share files between computers while the chances of infecting other computers are high).  The switch for the devices will not cause a problem.

    You should get the infected computer cleaned as soon as possible to make sure it's not more difficult to solve, because the infection (or starting to cause serious problems).

    This is compliments of PA bear MS MVP:

    Microsoft PCSafety provides users at home (only) with free assistance in dealing with infections by malicious software such as viruses, adware and spyware (including unwanted software).

    Also available via the homepage of Support of consumer safety:


    1. see if you can download/run the MSRT tool manually:

    NB: Run the FULL scan, not analysis FAST!  You may need to download the MSRT on an uninfected machine and then transfer the MRT. EXE to the infected machine and rename it to SCAN. EXE before running it.

    2A. WinXP-online Windows Live Safety Center scanner 'Protection' (only!) in Mode safe mode with networking, if necessary:

    2B. Vista or Win7-online this scanner instead:

    3. now post the logs required in a forum appropriate for support by an expert in the field. DON'T SKIP THIS STEP!

    I can recommend the assistance of experts available in these forums: and

    If these procedures look too complex - and there is no shame in admitting this isn't your cup of tea - take the machine to a local, good reputation and stand-alone computer (that is, not BigBoxStoreUSA or Geek Squad) repair facility.

    I hope this helps.

    Good luck!

    Lorien - MCSA/MCSE/network + / has + - if this post solves your problem, please click the 'Mark as answer' or 'Useful' button at the top of this message. Marking a post as answer, or relatively useful, you help others find the answer more quickly.

  • Is it possible batch redact handwritten numbers as the Bank, the audit of the accounts?


    Is it possible batch redact handwritten numbers as the Bank, the audit of the accounts?

    We have loan documents and a single page is filled by the customer for the ACH.

    They provide their info from debit card or cheque for payment account.

    These are written by hand, and so far I can't have Adobe to recognize numbers, even though they are in the standard format.

    If this is not possible, batch Adobe may delete the page in question as a lot?

    Thank you very much, Paul

    -If the texts always appear in the same physical location on the page, then you can use a script to redact this area, Yes.

    -Otherwise, you can easily delete the entire page.

  • Is it possible to pay by bank transfer in Switzerland?

    I paid my cc account with credit card. But I want to pay by bank transfer. Is it possible to pay in Switzerland by bank transfer, because I don't have access to a different credit card and I want to stay by adobe CC. I would also pay fees to pay with bank transfer. Is this possible?

    Since this is an open forum, not Adobe support... you must contact Adobe personnel to help

    Chat/phone: Mon - Fri 05:00-19:00 (US Pacific Time)<=== note="" days="" and="">

    Don't forget to stay signed with your Adobe ID before accessing the link below

    Creative cloud support (all creative cloud customer service problems)

  • In the latest version, it is possible to record the internet banking past etc. Bad for safety! Why this change?

    No browser has kept this password never. In the latest version of Firefox, it is possible to keep each password now. I think that's not good.
    Please let me now the reason.
    Gr. Johan Smit

    chrome and ie is the same change. I don't think it's bad for security - on the contrary, when users always have the ability to save a password that they tend to choose those more complex that is difficult to crack...
    However this is a discussion that probably doesn't belong here.

  • I can't find a way to block cookies on the Bank of America website. Is it possible to do it again?

    Previously, when the Bank of America Online Banking Web site access I could keep them from placing cookies on my computer. Following your instructions online I have only history. How can I block cookies with the current version of Firefox running on a Mac?

    You are here - "Block cookies" nor "Allow only for this session" leave me on the site Web of BofA. However, Safari always display all security zones, including one who said that it does not recognize my computer and questions of security, as Firefox has done before.

  • Possible hacker infect my system?

    original title: KB963093

    Maybe I was attacked by an intruder?   After receiving emails from Hilton and Marriott that my email address was stolen in Epsilon, suddenly I am asked to install this old security patch, that concerns me, because it is 2009.

    Any ideas on what could happen? I have not installed, but it keeps asking to be installed.

    Even if I go to Windows update directly it comes up with this security update to do.

    It is a legitimate windows update there will be no problem with the installation. Some security updates are defined as optional and not pushed through, please download and install, then run a virus scan to make sure that your system is clean. Download the update from here.


  • Possible infection?

    My computer started acting strange in recent days despite my efforts.  It will never go to sleep and I get high CPU usage messages of Norton.  A current said COM surrogate, I think.  If I open the Task Manager I see DLLhost.exe about ten times in the process.  Yesterday, it was abhuvfoy.exe or something close.  I was able to get rid of it by doing a system restore to 3 weeks.  Norton and Windows seem unable to do anything about it either, really makes me wonder what he does all the time now, this isn't me.  Any suggestions?

    _ Norton?

    Search for malware:

    Download, install, execute, update and perform analyses complete system with the two following applications:

    Remove anything they find. Reboot when necessary. (You can uninstall one or both when finished.)

    Search online with eSet Online Scanner. Delete everything is found.

    Restart the computer.

Maybe you are looking for

  • Is it possible to transfer an image to a computer in a new?

    I am planning to build a new computer, and think a picture of my current computer's hard drive and then transfer it to the new computer, so the software and everything will remain the same.  Is it possible, or I have to buy a new copy of XP (but I do

  • Bios AHCI 3.28?

    Computer: HP Pavilion with revision of BIOS 3.28 23/01/06 Where can I view/edit if the SATA controller is configured to AHCI? I can't find anything in the BIOS Setup. Thank you

  • USB drivers do not work properly.

    I have a netbook Vaio (name of the VPCM13M1E model) and USB drives will not work correctly. I ran a microsoft fix (hardware and devices one by one). The results said: -universal host controller USB Intel (r) 82801g (ICH7 family) - 27 8 does not work

  • Change the default permissions for the folders created by the Weblogic process

    Hi guys,.We have IPM application running on Weblogic 11 g. It has a java process (Oracle InputAgent calls) which creates files on the Linux server.We find that this agent is to create these folders with unique permissions (owner rwe group - r).It dos

  • DB Link to SQL Server

    Hi allI'm trying to understand how to configure a DB connection to MS SQL Server, I learned a lot of links but still do not see where I am going wrong.I tested different types of configuration:Oracle Database 11 g on AIX--> gateway databas