Virus Malware Trojans and other junk

Okay, so, it is true that I am not a Mac person, gasp, but here comes a true unbiased.

I helped a member of the family rebuild a MacBook Pro using a USB stick to boot and install the latest version of El Capitan.  I was helping to restore the data literally 48 hours later and, to my surprise, the machine was infected with two pieces of malware (which were visible): 'Advanced Mac Cleaner' and 'ZipCloud'.  Interestingly, ZipCloud had placed itself in the Dock, replacing a similar-looking cloud storage service.

So clearly the machine has been compromised, and it was easier to rebuild than to go on the road to 'cleaning up' at this stage.

How can I avoid this happening again?  I can't look over the shoulder 24 x 7, but there should be a way to avoid this.

Mac users often ask if they should install "anti-virus" (AV) or "anti-malware" software. The answer is 'no', but that can give the false impression that there is no threat from what are loosely called 'viruses'. There is a threat.

1. This is a comment on what you should, and should not, do to protect yourself from malicious software ("malware") that circulates on the Internet and gets onto a computer as an unintended consequence of the user's actions.

It does not apply to software, such as keyloggers, that may be installed deliberately by an intruder who has convenient access to the computer, or who has been able to take control of it remotely. That threat is in a different category, and there is no easy way to defend against it. AV software is not intended to, and does not, defend against such attacks.

The comment is long because the issue is complex. The essential points are in sections 5 and 11.

OS X now implements three layers of built-in protection specifically against malware, not to mention runtime protections such as file quarantine, execute disable, sandboxing, system integrity protection, system library randomization, and address space layout randomization, which may also guard against other kinds of exploits.

2. All versions of OS X from 10.6.7 onward have been able to detect known Mac malware in downloaded files and to block insecure web plugins. This feature is transparent to the user. Internally, Apple calls it "XProtect."

The malware recognition database used by XProtect is automatically updated. However, you should not count on it, because the attackers are always at least a day ahead of the defenders.

The following restrictions apply to XProtect:

☞ It can be bypassed by some third-party networking software, such as BitTorrent clients and Java applets.

☞ It applies only to software downloaded on the network. Software installed from a CD or other media is not verified.

As new versions of OS X are released, it is not clear whether Apple will indefinitely continue to maintain the XProtect database for older versions such as 10.6. The security of obsolete system versions may eventually be degraded. Security updates to the code of obsolete systems will stop being released at some point, and that may leave them open to other kinds of attack in addition to malware.

3. Starting with OS X 10.7.5, there has been a second layer of built-in malware protection, designated "Gatekeeper" by Apple. By default, applications and installer packages downloaded from the network will run only if they are digitally signed by a developer with a certificate issued by Apple. Software certified in this way has not been checked for safety by Apple, unless it comes from the App Store, but you can be reasonably sure that it has not been changed by anyone other than the developer. His identity is known to Apple, so he could be held legally responsible if he distributed malicious software. That may not mean much if the developer lives in a country with a weak legal system (see below).

Gatekeeper does not depend on a database of known malware. It has, however, the same limitations as XProtect, and in addition the following:

☞ It can easily be turned off or overridden by the user.

☞ A malware attacker could find a way around it, or could get control of a code-signing certificate under false pretenses, or could simply ignore the consequences of distributing malware.

☞ An App Store developer could find a way around Apple's oversight, or the oversight could fail due to human error.

Apple has taken too long to revoke the code-signing certificates of some known attackers, thus diluting the value of Gatekeeper and the Developer ID program. These lapses do not involve App Store products, however.

For the reasons given, App Store products and, to a lesser extent, other applications recognized by Gatekeeper as signed, are safer than others, but they cannot be considered absolutely safe. "Sandboxed" applications may prompt for access to private data, such as your contacts, or for access to the network. Think before granting that access. Sandbox security is based on user input. Never click through any request for permission without thinking.

4. Starting with OS X 10.8.3, a third layer of protection has been added: a "Malware Removal Tool" (MRT). MRT runs automatically in the background. It checks for, and removes, malware that matches a recognition database maintained by Apple. To ensure that MRT will run when that database is updated, select the App Store tab in System Preferences and check the box marked

Install the system data files and security updates

if it is not already checked.

Like XProtect, MRT is effective against known threats, but not against unknown ones. It alerts you if it detects malware, but otherwise, it has no user interface.

5. The built-in security features of OS X reduce the risk of malware attack, but they are not, and never will be, complete protection. Malware is a problem of human behavior, not machine behavior, and no technological solution alone will solve it. Trusting software to protect you will only make you more vulnerable.

The best defense is always going to be your own intelligence. With the possible exception of Java exploits, all the known malware circulating on the Internet that affects a fully updated installation of OS X 10.6 or later takes the form of so-called "Trojans", which can have an effect only if the victim is deceived into running them. The threat thus amounts to a battle of wits between you and cybercriminals. If you are better informed than they think you are, you win. In practice, that means always staying within a safe harbor of computing practices. How do you know when you are leaving the safe harbor? Here are a few warning signs of danger.

Software from an untrustworthy source

☞ Software with a brand name, such as Adobe Flash Player, does not come directly from the developer's website. Don't be fooled by an alert from any website telling you to update Flash, or your browser, or other software. A real alert that Flash is outdated and blocked is shown on this support page. In that case, follow the instructions on the support page. Otherwise, assume that the alert is false and that someone is trying to trick you into installing malicious software. If you see such alerts on more than one website, ask for instructions.

☞ Any software that is distributed via BitTorrent or Usenet, or on a website that distributes pirated music and movies.

☞ Rogue websites such as CNET Download, MacUpdate, Soft32, Softonic and SourceForge distribute free applications that have been packaged in a superfluous "installer".

☞ The software is advertised through spam or intrusive web ads. Any announcement, on any site, which includes a direct link to a download should be ignored.

Software that is clearly illegal or doing something illegal

☞ High-end commercial software such as Photoshop is "cracked" or "free."

☞ An application helps you to violate copyright law, for example by circumventing the copy protection on commercial software, or by recording streamed media for reuse without permission. All the 'YouTube downloaders' are in this category, but not all are necessarily malicious.

Conditional or unsolicited offer from strangers

☞ A telephone caller or a web page tells you that you have a "virus" and offers to remove it. (Some reputable sites legitimately warned visitors who had been infected with the "DNSChanger" malware. The exception to this rule applies.)

☞ A website offers free content such as music or video, but to use it you must install a "codec", "plug-in", "player", "downloader", "extractor", or "certificate" that comes from the same site, or from a stranger.

☞ You win a prize in a competition that you never entered.

☞ Someone on a forum like this is eager to help you, but only if you download an application of his choosing.

☞ A 'FREE WI-FI!' network presents itself in a public place like an airport, but is not provided by the management.

☞ Anything online that you would expect to pay for is 'free'.

Unexpected events

☞ A file is downloaded automatically when you visit a web page, without any further action on your part. Delete any such file without opening it.

☞ You open what you think is a document and you receive an alert that it is "an application downloaded from the Internet." Click Cancel and delete the file. Even if you don't get the alert, you should still delete any file that is not what you expected it to be.

☞ An application does something you don't expect, such as asking for permission to access your contacts, your location or the Internet without obvious reason.

☞ Software is attached to email that you did not ask for, even if it comes (or seems to come) from a person you trust.

I do not say that leaving the safe harbor just once will necessarily lead to disaster, but making a habit of it will weaken your defenses against malicious software attacks. Any of the above scenarios should, at the very least, make you uncomfortable.

6. Java on the Web (not to be confused with JavaScript, to which it is not related, despite the similarity of names) is a weak point in the security of any system. Java is, among other things, a platform for running complex applications in a web page. That was always a bad idea, and Java developers have proved unable to implement it without also creating a portal for malware to enter. Past Java exploits are the closest thing there has ever been to a Windows-style virus affecting OS X. Merely loading a page with malicious Java content could be harmful.

Fortunately, client-side Java on the Web is outdated and has largely disappeared. Only a few outdated sites still use it. Try to hasten the process of extinction by avoiding those sites, if you have a choice. Forget about playing games or other non-essential uses of Java.

Java is not included in OS X 10.7 and later versions. Separate Java installers are distributed by Apple and Oracle (the developer of Java). Do not use either one unless you need it. Most people don't. If Java is installed, disable it (not JavaScript) in your browser.

Whatever the version, experience has shown that Java on the Web is not reliable. If you must use a Java applet for a job on a specific site, Enable Java only for the site in Safari. Never activate Java for a public Web site that carries the third-party advertising. Use only on websites that are well known, protected by login and secure without ads. In Safari 6 or later, you will see a padlock icon in the address bar when you visit a secure site.

7. Another perennial weak point is Adobe Flash Player. Like Java, Flash is in well-deserved decline, but Flash content is still much more widespread than Java content on the Web. If you choose to install the Flash plugin, you can reduce your exposure to Flash by checking the box marked

Stop the plug-ins to save energy

in the Advanced tab of the Safari preferences window, if not already done. Consider also installing a Safari extension such as "ClickToFlash" or "ClickToPlugin." They will prevent Flash content from loading automatically, and will also cause non-Flash video to be substituted for Flash on YouTube and perhaps a few other sites. I tested the extensions and found them safe, but you should always do your own research before you decide whether to trust any third-party software.

8. Remain within the safe harbor, and you will be as safe from malware as you can practically be. The rest of this comment is about what you must do to protect yourself.

Never install any AV or 'Internet security' products for the Mac if you have a choice, because they are all worse than useless. If you are required by a (mistaken) institutional policy to install some kind of AV, choose one of the free apps in the Mac App Store, nothing else.

Why shouldn't you use AV products?

☞ To recognize malware, the software depends on a database of known threats, which is always at least a day out of date. This technique is a proven failure, as a major supplier of AV software has admitted. Most attacks are "zero-day", that is, previously unknown. Recognition-based AV does not defend against such attacks, and the enterprise IT industry is coming to realize that traditional AV software is worthless.

☞ Its design is generally predicated on the nonexistent threat that malware may be injected at any time, anywhere in the file system. Malware is downloaded from the network; it does not appear out of the blue. To meet that nonexistent threat, commercial AV software modifies or duplicates low-level functions of the operating system, which is a waste of resources and a frequent cause of instability, bugs, and poor performance.

☞ By changing the operating system, the software can also create weaknesses that could be exploited by malicious attackers.

☞ Most importantly, a false sense of security is dangerous. That fact pertains to all AV software, and it will never change.

9. A free AV product from the Mac App Store is safe as long as you don't let it delete or move files. Ignore all the warnings that it may give you about "heuristics" or "phishing." These warnings, if they are not simply false positives, refer to the text of e-mail messages or cached web pages, not to malware.

An AV application is not necessary, and cannot be relied upon, for protection against OS X malware. It is useful, if at all, only for detecting Windows malware, and even for that use it is not really effective, because new Windows malware makes its appearance much faster than OS X malware.

Windows malware cannot hurt you directly (unless, of course, you use Windows). Just do not pass it on to someone else. A malicious attachment in e-mail is usually easy to recognize by the name alone. A concrete example:

     London Terror Moovie.avi [124 spaces] Checked By Norton Antivirus.exe

You don't need software to tell you it's a Windows Trojan horse. Software may be able to tell you which trojan it is, but who cares? In practice, there is no reason to use recognition software, unless an organizational policy requires it. Windows malware is so widespread that you must assume it is in every attachment until proven otherwise. Nevertheless, a free AV product from the App Store can serve a purpose if it satisfies a misinformed network administrator who says you must have some sort of AV application. An App Store product will not change the operating system; in fact, it does nothing, unless you run it.

If you are just curious to know whether a file is considered malware by the AV engines, you can upload it to the "VirusTotal" site, where it will be tested against most of them without charge. A negative result is not evidence of anything, for the reasons given above. I do not recommend doing this with a file that may contain private information.

10. There seems to be a common belief that the Application Firewall acts as a barrier to infection, or prevents malware from operating. It does not. It blocks incoming connections to some network services you are running, such as file sharing. It is disabled by default, and you should leave it like that if you're behind a router on a private home or office network. Activate it only when you are on an untrusted network, for example a public Wi-Fi hotspot, where you do not want to provide services. Disable services that you don't use in the Sharing preferences window. All are disabled by default.

11. As a Mac user, you don't have to live in fear that your computer may be infected whenever you install software, read email, or visit a web page. But nor can you assume that you will always be free from exploitation, no matter what you do. Browsing the Internet is like walking the streets of a big city. It can be as safe or as dangerous as you choose to make it. The greatest harm done by AV software is precisely its selling point: it makes people feel safe. They may then feel safe enough to take risks from which the software does not protect them. Nothing can reduce the need for safe computing practices.

Tags: Mac OS & System Software
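The padded attachment name quoted in section 9 of the comment above can be checked mechanically. The following is an added example, not part of the original post: the extension lists, the 8-character padding threshold and all function names are assumptions chosen for illustration, and it generalizes slightly to double extensions that carry no padding.

```python
import re

# Constructed shortlists for illustration; not exhaustive.
EXECUTABLE_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd", "vbs", "js", "lnk"}
DECOY_EXTS = {"avi", "mp4", "mov", "mp3", "jpg", "png", "pdf",
              "doc", "docx", "txt", "zip"}

# A run of this many whitespace characters inside a name is treated as padding
# (the threshold is an assumption; ordinary names rarely exceed two in a row).
PADDING_RUN = re.compile(r"\s{8,}")
# ".ext" tokens anywhere in the name: a dot, 1-5 alphanumerics, then
# whitespace, another dot, or the end of the string.
EXT_TOKEN = re.compile(r"\.([A-Za-z0-9]{1,5})(?=\s|\.|$)")


def real_extension(name):
    """Return the last extension (the one the OS acts on), lowercased."""
    base = name.strip()
    if "." not in base:
        return None
    ext = base.rsplit(".", 1)[1].lower()
    return ext or None


def visible_prefix(name, width=40):
    """Approximate what a fixed-width list column shows for a long name."""
    if len(name) <= width:
        return name
    return name[:width].rstrip() + "..."


def inspect_attachment_name(name):
    """Return a sorted list of findings for one attachment file name."""
    findings = set()
    base = name.strip()
    ext = real_extension(base)
    if ext in EXECUTABLE_EXTS:
        findings.add("executable")
    if PADDING_RUN.search(base):
        findings.add("whitespace-padding")
    tokens = [m.group(1).lower() for m in EXT_TOKEN.finditer(base)]
    # Every extension-like token before the real one is a potential decoy.
    earlier = tokens[:-1] if tokens and tokens[-1] == ext else tokens
    if ext in EXECUTABLE_EXTS and any(t in DECOY_EXTS for t in earlier):
        findings.add("decoy-extension")
    return sorted(findings)


# Constructed sample names; the first reproduces the pattern quoted in the post.
SAMPLES = [
    "London Terror Moovie.avi" + " " * 124 + "Checked By Norton Antivirus.exe",
    "report.pdf.exe",
    "holiday.photos.jpg",
    "notes v1.2 final.txt",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        shown = visible_prefix(sample)
        print(f"{shown!r:45} real=.{real_extension(sample)} "
              f"findings={inspect_attachment_name(sample)}")
```

The `visible_prefix` column shows why the padding works: a narrow attachment list displays only the `.avi` part, while the extension the system acts on is `.exe`.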

Similar Questions

  • I have what appears to be a virus/malware/Trojan horse

    and it is located near Microsoft security essentials and is listed as a serious threat, but it is allowed. I never allowed that and I can't get rid of it?

    Search for malware:

    Download, install, execute, update and perform analyses complete system with the two following applications:

    Remove anything they find.  Reboot when necessary.  (You can uninstall one or both when finished.)

    Search online with eSet Online Scanner.

    The less you have to run all the time, most things you want to run will perform:

    Use Autoruns to understand what all starts when your computer does / when you log in.  Look up whatever you do not recognize using Google (or ask here.)  You can hopefully figure out if there are things starting when your computer does (or when you log in) that you do not need, and then configure them (through their own built-in mechanisms is the preferred method) so they do not start up and use your resources without reason.

    You can download and use Process Explorer to see exactly what is taking your time processor/CPU and memory.  This can help you to identify applications that you might want to consider alternatives for and get rid of all together.

    Do a house cleaning and the dust of this hard drive:

    You can free up disk space (will also help get rid of the things that you do not use) through the following steps:

    Windows XP should take between 4.5 and 9 GB * with * an Office suite, editing Photo software, alternative Internet browser (s), various Internet plugins and a host of other things installed.

    If you are comfortable with the stability of your system, you can delete the uninstall of patches which has installed Windows XP...
    http://www3.TELUS.NET/dandemar/spack.htm
    (Especially of interest here - #4)
    (Variant: http://www.dougknox.com/xp/utils/xp_hotfix_backup.htm )

    You can run disk - integrated into Windows XP - cleanup to erase everything except your last restore point and yet more 'free '... files cleaning

    How to use disk cleanup
    http://support.Microsoft.com/kb/310312

    You can disable hibernation if it is enabled and you do not...

    When you Hibernate your computer, Windows saves the contents of the system memory in the hiberfil.sys file. As a result, the size of the hiberfil.sys file will always be equal to the amount of physical memory in your system. If you don't use the Hibernate feature and want to reclaim the space used by Windows for the hiberfil.sys file, perform the following steps:

    -Start the Control Panel Power Options applet (go to start, settings, Control Panel, and then click Power Options).
    -Select the Hibernate tab, uncheck "Activate the hibernation", and then click OK. Although you might think otherwise, selecting never under "Hibernate" option on the power management tab does not delete the hiberfil.sys file.
    -Windows remove the "Hibernate" option on the power management tab and delete the hiberfil.sys file.

    You can control the amount of space your system restore can use...

    1. Click Start, right click my computer and then click Properties.
    2. click on the System Restore tab.
    3. highlight one of your readers (or C: If you only) and click on the button "settings".
    4. Change the percentage of disk space you want to allow... I suggest moving the slider until you have about 1 GB (1024 MB or close to that...)
    5. click on OK. Then click OK again.

    You can control the amount of space used may or may not temporary Internet files...

    Empty the temporary Internet files and reduce the size, that it stores a size between 64 MB and 128 MB...

    -Open a copy of Microsoft Internet Explorer.
    -Select TOOLS - Internet Options.
    -On the general tab in the section 'Temporary Internet files', follow these steps:
    -Click on 'Delete the Cookies' (click OK)
    -Click on "Settings" and change the "amount of disk space to use: ' something between 64 MB and 128 MB. (There may be many more now.)
    -Click OK.
    -Click on 'Delete files', then select "Delete all offline content" (the box), and then click OK. (If you had a LOT, it can take 2 to 10 minutes or more).
    -Once it's done, click OK, close Internet Explorer, open Internet Explorer.

    You can use an application that scans your system for the log files and temporary files and use it to get rid of those who:

    CCleaner (free!)
    http://www.CCleaner.com/
    (just disk cleanup - do not play with the part of the registry for the moment)

    Other ways to free up space...

    SequoiaView
    http://www.win.Tue.nl/SequoiaView/

    JDiskReport
    http://www.jgoodies.com/freeware/JDiskReport/index.html

    Those who can help you discover visually where all space is used.  Then, you can determine what to do.

    After that - you want to check any physical errors and fix everything for efficient access"

    CHKDSK
    How to scan your disks for errors* will take time and a reboot.

    Defragment
    How to defragment your hard drives* will take time

    Cleaning the components of update on your Windows XP computer

    While probably not 100% necessary-, it is probably a good idea at this time to ensure that you continue to get the updates you need.  This will help you ensure that your system update is ready to do it for you.

    Download and run the MSRT tool manually:
    http://www.Microsoft.com/security/malwareremove/default.mspx
    (Ignore the details and download the tool to download and save to your desktop, run it.)

    Reset.

    Download/install the latest program Windows installation (for your operating system):
    (Windows XP 32-bit: WindowsXP-KB942288-v3 - x 86 .exe )
    (Download and save it to your desktop, run it.)

    Reset.

    and...

    Download the latest version of Windows Update (x 86) agent here:
    http://go.Microsoft.com/fwlink/?LinkId=91237
    ... and save it to the root of your C:\ drive. After you register on the root of the C:\ drive, follow these steps:

    Close all Internet Explorer Windows and other applications.

    AutoScan--> RUN and type:
    %SystemDrive%\windowsupdateagent30-x86.exe /WUFORCE
    --> Click OK.

    (If asked, select 'Run'). --> Click on NEXT--> select 'I agree' and click NEXT--> where he completed the installation, click "Finish"...

    Reset.

    Now reset your Windows with this FixIt components update (you * NOT * use the aggressive version):
    How to reset the Windows Update components?

    Reset.

    Now that your system is generally free of malicious software (assuming you have an AntiVirus application), you've cleaned out the "additional applications" that could be running and taking up your precious memory and processor, you have freed up valuable disk space and made sure there are no problems with the drive itself, and your Windows Update components are updated and should work fine, there is only one other thing you may wish to do:

    Get and install the hardware device last drivers for your system hardware/system manufacturers support and/or download web site.

  • I keep being redirected to Web sites I don't want to go to - it was almost impossible to get here. Have four virus, malware, spyware and trojan horse programs and each of them comes up clean.

    My tech says my Firefox guy turned - I could not even to your Web site. When I google something, no matter what I click on, he goes somewhere else. It's even happened when I went to click Open an email - a new tab open with this horrible thing in it. Oh and another thing: when it takes you to the wrong site, you can not click on the back button to return whenever it was you were. You must close the tab all.

    This has happened

    Each time Firefox opened

    == It could be a coincidence, but it started when I installed AVG and the yahoo toolbar came with it. I disabled it, but maybe

    Your problem can be caused by Malware. You can run and update according to free anti-virus software:

    1. Malwarebytes (free version) - http://www.malwarebytes.org

    2. Spybot Search & Destroy - http://www.safer-networking.org

    3. Spyware Terminator - http://www.spywareterminator.com
    (Not all programs to detect the infection even)

    In addition, there are a number of forums, you can use to help get rid you of your infection. It is:

  • Why do a McAfee popup "download contains viruses from spyware and other potentially unwanted programs. Why is 'safe' Download Firefox?

    If I click on "Download Firefox Web site, I have McAfee warning. How can rest assured that there are no viruses or malware in the download?

    Can you download here: http://www.mozilla.org/firefox/fx/#desktop

    If you ever have doubts about a download or an attachment, you can download it from this site for scanning: http://www.virustotal.com/

  • Have unwanted ads and other junk that is attached to my hotmail, how can I get rid of it

    All of my address book was taken over by those viagra ads that they pass under my name and email address. How can I stop this?

    Hi Gary A.Robinson,.
     
    Try to send your request/comments to Hotmail Announces Control.
    For more information, see:

    For better assistance, post your request in the Forums of Hotmail.
  • Have a virus/malware and cannot open windows mail and how export/copy the messages

    I should have gotten a virus/malware/trojan, which affects the connection and does not allow me to open the control panel, or windows mail.

    I need to know how to copy/backup/export the e-mail messages that are still there. Of course, I can't use the export function since I can't open windows mail.

    Hello

    • You receive an error message when opening Control Panel or Windows mail?
    • What were the changes made before the issue occur?

    You can view these methods:

     
    Method 1:
     
    I suggest you make a system full scan just to be sure and check.
    http://www.Microsoft.com/security/scanner/en-us/default.aspx
     
    Note:
    The data files that are infected must be cleaned only by removing the file completely, which means that there is a risk of data loss.
    Method 2:
    NOTE:
    Change the settings of the REGISTRY can cause serious problems that may prevent your computer from starting properly. Microsoft cannot guarantee that problems resulting from the REGISTRY settings configuration can be solved. Changes to these settings are at your own risk.
    You might try the following and see if it helps to get Windows Mail open.
    You can delete all entries in the registry for Windows Mail. The junk e-mail filter information have been corrupted.
     
    a. Click Start, in the search box, type regedit. Then choose continue to leave and then read the help file.
     
    b. then highlight this registry key:
    HKEY_CURRENT_USER\Software\Microsoft\Windows Mail
    right-click and choose export to back it up. You can save it to your desktop. It will save the key as a measure of protection.
     
    c. make sure that Windows Mail is closed and right click on the key again, and then choose Remove.
    d. then try to start Windows Mail and see if it is now open.
  • Malware 'non-genuine windows' shows and other software (Acronis) not said that this is the evaluation version when it is the paid-up version.

    I've been running windows 7 64 bit with SP1 and all the updates that are known for 10 months without any problem.  Now, a 'non-genuine windows' malware appear and other software (Acronis) not said this is the evaluation version when it's the fully paid for version.  What should I do to solve this problem.  Rick Rickard

    You must read the user final license agreement and you will find that the OEM licenses have restrictions. You need to understand.

    If you want to move windows from one computer to another, you need a full commercial license.
    This same problem is again this morning on another computer where he runs a real operating system from microsoft, Windows 7 32 bit SP!, more than 4 months.  Today he says that my win 7 op sys is not authentic.  This computer has been customized built so I was the first to install a sys op on it.

    After a diagnostic for the analysis report.
  • just got one of these warnings "fake virus/malware" 06/06/2001 - must be quite new to cross safety essentials

    just got one of these "fake virus/malware" warnings and a click here to remove I've seen before over the years.  I did a screen print and disconnected my network cable and rebooted.  Would like to send my screen print to someone who might be able to track it down.  It must be quite new if my up-to-date security missed it.  It would be so nice to put one of these jerks who create such things in jail.  Anyway, the site allegedly attached to this was:

    http://jcgdgdeh.CE.Ms/fast-scan/

    And of course the page Web said I was infected with all sorts of things but by "clicking here" will arrange everything.  I pulled my network cable and rebooted instead (after the screenshot).

    Hi ZacharyWright,

    You can run the Microsoft to check security scanner for infection by the virus. Check out the following link.

    Microsoft Safety Scanner - free online tool for PC health and safety

  • Get rid of software spies and other trackers? __

    I use McAfee software, but think I have spyware, malware, cookies and other tracking devices "considerably slow down my computer! When I log my Comcast Internet, it takes a long time and I see "waiting for bridgetrack, or Zedo, Malware.com... generic and others ' before I get connected. Then my computer research are very slow! How can I get rid of all these trackers? Help really appreciated.

    McAfee is probably the worst choice for an antivirus, with Norton then close. Recommended antivirus programs are (commercial) NOD32, Avast or Avira (both have free versions). However, you need to get your computer cleaned before removing McAfee and install another antivirus.

    Through these generals the malware removal not systematically - http://www.elephantboycomputers.com/page2.html#Removing_Malware

    Include analysis with David Lipman's Multi_AV of and follow the instructions to do all scans in Mode without failure. Read the Special Notes about the use of Multi_AV in Vista.

    http://www.elephantboycomputers.com/page2.html#Multi-AV - instructions
    http://tinyurl.com/yoeru3 - download link and further instructions

    If you can't do the work yourself (and there is no shame in admitting this isn't your cup of tea), take the machine to a professional computer repair shop (not your local equivalent of BigComputerStore/GeekSquad). Please be aware that not all shops are skilled at removing malware, and even if they are, your computer may be so infested that Windows will have to be properly installed. If possible, have all your data backed up before taking the machine into a shop. MS - MVP - Elephant Boy computers - don't panic!

  • Windows security - they have my computer was attacked by viruses and other malware, has offered assistance to the evaluation, indications of problems

    Received a phone call from an organization called Windows Security (or similar name). They advise that they have indications that my computer was attacked by viruses and other malware, has offered assistance to the assessment, problems, etc.  I went through a series of tasks that I believe that gave them access to my computer, but then got suspicious, and said I would call back. Given telephone number was (520) 720-0786.  Given names were Sean Wilson and Bryan Hussey.  Please indicate if they are legit, and if not, what can I do to protect myself?  Appreciate your help... Brian

    This is a complete scam.  You can report it to your local police.

    For your own protection, you should:
    • Change your passwords on email accounts, financial accounts and any sensitive accounts you access online from this PC.  RIGHT NOW!
    • Run a full scan of your PC using your antivirus application...    Also download and run a full scan with Malwarebytes Anti-malware (free edition).  MBAM is a very good backup solution in addition to your primary antivirus/antimalware application.
    • I would also go here: https://www.microsoft.com/security/portal/Shared/Help.aspx and follow the advice under "I think that my PC is infected", including potentially calling MS help.
    • Above all, do not delay!  If you have any concerns about handling it, then disconnect your computer from the internet and call MS before anything else.

  • My Microsoft Security Essentials failed due to a virus/trojan, and it seems that my computer has been hacked... help

    has failed because of a virus/trojan and it seems that my computer has been hacked... help

    Hello

    If you need to check for malware, here are my recommendations - they will allow you to do a
    thorough check and removal without ending up with a load of spyware programs running
    resident, which can cause as many issues as the malware and may be harder to detect as
    the cause.

    No one program can be used to detect and remove all malware. Added to that, easy
    to detect malicious software often comes with a much harder to detect and remove payload. So
    it's better to be thorough now than to pay the high price later. Check with these to an
    extreme overkill point and then run the cleanup only when you are sure that the system is clean.

    These can be done in Safe Mode - repeatedly tap F8 as you start - however, you must also run
    them in regular Windows when you can.

    TDSSKiller.exe - download it to the desktop - then go to it and right-click on it - RUN AS ADMIN.
    It will display any infections in the report after you run it - if it will not run, change the name of
    TDSSKiller.exe to tdsskiller.com. Whether it finds something or not does not mean that you should not
    check with the other methods below.
    http://support.Kaspersky.com/viruses/solutions?QID=208280684

    Download Malwarebytes and scan with it, run MRT and add Prevx to be sure that it is gone.
    (If rootkits, run UnHackMe)

    Download - SAVE - go to where you put it - right-click on it - RUN AS ADMIN

    Malwarebytes - free
    http://www.Malwarebytes.org/products/malwarebytes_free

    SuperAntiSpyware Portable Scanner - free
    http://www.SUPERAntiSpyware.com/portablescanner.HTML?tag=SAS_HOMEPAGE

    Run the malware removal tool from Microsoft

    Start - type MRT in the search box -> find MRT at the top - right-click on it - RUN AS ADMIN.

    You should get this tool and its updates via Windows Update - if necessary, you can
    download it here.

    Download - SAVE - go to where you put it - right-click on it - RUN AS ADMIN
    (Then run MRT as shown above.)

    Microsoft Malicious Software Removal Tool - 32 bit
    http://www.Microsoft.com/downloads/details.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en

    Microsoft Malicious Software Removal Tool - 64 bit
    http://www.Microsoft.com/downloads/details.aspx?FamilyId=585D2BDE-367F-495e-94E7-6349F4EFFC74&displaylang=en

    Also install Prevx to be sure that it is all gone.

    Download - SAVE - go to where you put it - right-click on it - RUN AS ADMIN

    Prevx - Home - free - small, fast, exceptional CLOUD protection, working with other
    security programs. It is a scanner only, VERY EFFICIENT; if it finds something, come back
    here or use Google to see how to remove it.
    http://www.prevx.com/
    http://info.prevx.com/downloadcsi.asp?prevx=Y

    PCmag Editor's Choice - Prevx -
    http://www.PCMag.com/Article2/0,2817,2346862,00.asp

    Try the demo version of Hitman Pro:

    Hitman Pro is a second-opinion scanner, designed to rescue your computer from malicious software
    (viruses, Trojans, rootkits, etc.) that has infected your computer despite the safety
    measures you have taken (such as antivirus, firewall, etc.).
    http://www.SurfRight.nl/en/hitmanpro

    --------------------------------------------------------

    If necessary here are some free online scanners to help the

    http://www.eset.com/onlinescan/

    -----------------------------------

    Original version is now replaced by the Microsoft Safety Scanner
    http://OneCare.live.com/site/en-us/default.htm

    Microsoft Safety Scanner
    http://www.Microsoft.com/security/scanner/en-us/default.aspx

    ----------------------------------

    http://www.Kaspersky.com/virusscanner

    Other free online tests
    http://www.Google.com/search?hl=en&source=HP&q=antivirus+free+online+scan&AQ=f&OQ=&AQI=G1

    --------------------------------------------------------

    After the removal of malicious programs:

    Also follow these steps to clean up general corruption and repair/replace damaged/missing
    system files.

    Run Disk Cleanup - Start - All Programs - Accessories - System Tools - Disk Cleanup

    RUN - type in the box -

    sfc /scannow

    Then run checkdisk (chkdsk).

    RUN - type in the box -

    chkdsk /f /r

    -----------------------------------------------------------------------

    If rootkits are found, use this thread and other suggestions. (Run UnHackMe)

    http://social.answers.Microsoft.com/forums/en-us/InternetExplorer/thread/a8f665f0-C793-441A-a5b9-54b7e1e7a5a4/

    ================================

    For extreme cases:

    Norton Power Eraser - eliminates deeply embedded and difficult to remove crimeware
    that traditional antivirus scanning does not always detect. Because the Norton Power Eraser
    uses aggressive methods to detect these threats, there is a risk that it can select some
    legitimate programs for removal. You should use this tool very carefully and only after
    you have exhausted other options.
    http://us.Norton.com/support/DIY/index.jsp

    ================================

    If you are in North America, you can call 866-727-2338 for help with virus and spyware
    infections. See http://www.microsoft.com/protect/support/default.mspx for more details. For
    international information, see your local subsidiary Support site.

    Microsoft support - Virus and Security Solution Center
    http://support.Microsoft.com/contactus/cu_sc_virsec_master?ws=support#TAB0

    I hope this helps and happy holidays!

    Rob Brown - Microsoft MVP - Windows Expert - Consumer : Bicycle - Mark Twain said it

  • Problem: Vista Antispyware 2010 is constantly interrupting me with warning messages indicating that my system is under attack and infected with Trojans and viruses. UGH!

    Can someone give me easy to understand step by step instructions to REMOVE or DISABLE VISTA ANTISPYWARE 2010 before I go crazy?  Thank you!!!

    Hello

    Try Safe Mode with Networking - repeatedly press F8 as you start.

    The two best methods to allow scanners to run and/or to get AV.exe out of the way or removed.

    1.
    CTRL SHIFT ESC - Task Manager OR right-click on the taskbar - Task Manager

    Processes tab - End Process on AV.EXE and continue with the uninstall guide.

    If necessary use Start - Computer or Windows Explorer to navigate to

    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe or where it is installed - if
    necessary right-click on the Malwarebytes shortcut - Properties - Shortcut tab - Target line to see where it
    is installed.

    Right-click on it and rename it to ZZMbam.COM (or something different than it is now) and
    double-click it to run it that way. You can rename it back later. Do the same with
    other programs as needed. Use this method on others as needed - DO NOT assume any
    one program removes everything or that there is no other malicious software. Use the ".com"
    extension as this malware prevents .EXE from running.

    ---------------------------------------------------

    2.
    Another method is to use these:

    Use Process Explorer to "Suspend" the process that will not stop

    Then use AutoRuns to delete the malicious program's startup items.

    Now use UnLocker to delete the malware files.

    You may need to do one file at a time.

    Process Explorer - free
    http://TechNet.Microsoft.com/en-us/Sysinternals/bb896653.aspx

    AutoRuns - free
    http://TechNet.Microsoft.com/en-us/sysinternals/bb963902.aspx

    UnLocker - free (do not install the eBay adware)
    http://www.Softpedia.com/get/system/system-miscellaneous/unlocker.shtml

    AV.exe

    ==============================================

    There are MANY varieties of the latter with a lot of names, but all can be removed with the
    same methods:

    Vista Antispyware 2010, XP Internet Security 2010, Antivirus 2010 Vista and Win 7 Antispyware 2010
    are rogue antivirus, scams to get you to pay for them while they have no advantage at all.

    How to remove all the varieties of this malware - please read the removal instructions carefully.
    http://www.bleepingcomputer.com/virus-removal/remove-antivirus-Vista-2010

    RENAME these as necessary to allow them to run: (use a different name with the extension .COM instead of .exe)

    These can be done in Safe Mode - repeatedly tap F8 as you start - however, you must also run them
    in regular Windows when you can.

    Download Malwarebytes and scan with it, run MRT and add Prevx to be sure that it is gone. (If rootkits,
    run UnHackMe)

    Download - SAVE - go to where you put it - right-click on it - RUN AS ADMIN

    Malwarebytes - free
    http://www.Malwarebytes.org/

    Run the malware removal tool from Microsoft

    Start - type MRT in the search box -> find MRT at the top - right-click on it - RUN AS ADMIN.

    You should get this tool and its updates via Windows Update - if necessary, you can download
    it here.

    Download - SAVE - go to where you put it - right-click on it - RUN AS ADMIN
    (Then run MRT as shown above.)

    Microsoft Malicious Software Removal Tool - 32 bit
    http://www.Microsoft.com/downloads/details.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en

    Microsoft Malicious Software Removal Tool - 64 bit
    http://www.Microsoft.com/downloads/details.aspx?FamilyId=585D2BDE-367F-495e-94E7-6349F4EFFC74&displaylang=en

    Also install Prevx to be sure that it is all gone.

    Download - SAVE - go to where you put it - right-click on it - RUN AS ADMIN

    Prevx - Home - free - small, fast, exceptional CLOUD protection, working with other security programs.
    It is a scanner only, VERY EFFICIENT; if it finds something, come back here or use Google to see
    how to remove it.
    http://www.prevx.com/
    http://info.prevx.com/downloadcsi.asp

    PCmag Editor's Choice - Prevx -
    http://www.PCMag.com/Article2/0,2817,2346862,00.asp

    Try the demo version of Hitman Pro:

    Hitman Pro is a second-opinion scanner, designed to rescue your computer from malicious software (viruses,
    Trojan horses, rootkits, etc.) that has infected your computer despite all security measures that you have
    taken (such as anti-virus software, firewall, etc.).
    http://www.SurfRight.nl/en/hitmanpro

    --------------------------------------------------------

    If necessary here are some free online scanners to help the

    http://www.eset.com/onlinescan/

    http://OneCare.live.com/site/en-us/default.htm

    http://www.Kaspersky.com/virusscanner

    Other free online tests
    http://www.Google.com/search?hl=en&source=HP&q=antivirus+free+online+scan&AQ=f&OQ=&AQI=G1

    --------------------------------------------------------

    Also do these to clean up general corruption and repair/replace damaged/missing system files.

    Run Disk Cleanup - Start - All Programs - Accessories - System Tools - Disk Cleanup

    Start - type this in the search box -> COMMAND - find it at the top and RIGHT CLICK - RUN AS ADMIN

    Enter this at the command prompt - sfc /scannow

    How to analyze the log file entries that the Microsoft Windows Resource Checker (SFC.exe) program
    generates in cbs.log in Windows Vista
    http://support.Microsoft.com/kb/928228

    Run checkdisk - schedule it to run at the next startup, then Apply / OK your way out, then restart.

    How to run the check disk at startup in Vista
    http://www.Vistax64.com/tutorials/67612-check-disk-Chkdsk.html

    -----------------------------------------------------------------------

    If rootkits are found, use this thread and other suggestions. (Run UnHackMe)

    http://social.answers.Microsoft.com/forums/en-us/InternetExplorer/thread/a8f665f0-C793-441A-a5b9-54b7e1e7a5a4/

    I hope this helps.

    Rob - bicycle - Mark Twain said it is good.

  • What is the prevalence of viruses, malware, etc., to be hidden and undetectable by anti-virus software?

    • As before, when my computer has been infected, I get a svchost.exe error, repeatedly, whenever I restart the computer. The infection has been discovered that the last time by my anti-virus software, because it was hidden.  It was a computer expert on this forum who told me my computer was infected, based on the repeated svchost.exe error messages that I received.  I ran my Avast software, anti-malware software from MSFT Security Center, Win Defender, etc. this time, and they detected no infections.  (Yes, I know that getting this message does not necessarily mean my computer is infected, but the tech guy said that it is likely, given that the error message appeared on several occasions).  How do I detect and destroy hidden viruses/malware, etc.?
    • Also, if anyone can answer another question... I was told that it is not recommended that I have two anti-virus programs, which I do - Win Defender and Avast (I guess they may conflict).  I tend to want to keep Avast, but would like to know if I have to keep Win Defender instead, because it is a Win system program.  If I have to get rid of one of them, is it recommended that I uninstall both and then reinstall one of them?

    Anyone's help would be appreciated!

    Thnx, Dharma

    WHAT I HAVE: Win XP Media Center, MS Office 7 Professional (used at home), IE8, Outlook 7, HP w / 32-bit dual core processor, latest version of Avast & Win Defender, Srvc Pack 2 and 3 (although I know that I don't need 3 because I have not upgraded to Win 7, but it won't let me uninstall it!) and regularly updates Win.

    PS Please ask questions if you have any, before you answer, so it will be less likely that I'll get the wrong answers that don't relate directly to my questions! (Can you tell that has already happened?  LOL).

    You may have a rootkit type of malware infection.  Rootkits can transform and change identity on your OS (and are difficult to detect and remove) and many computing professionals recommend a reinstall of the operating system in order to ensure that the rootkit is removed.

    Follow the suggestions in Brian's post.  The link that he provided is an excellent reference.   If you have a rootkit, TDSS Killer or one of the other programs listed might be able to remove it.

    You can also:

    You can get free help in the removal of malware from MS Support here: http://supportservices.microsoft.com/support/services/virus_malware_removal

    If you are in North America, you can call MS Support at 866-727-2338 for help with virus and spyware infections.

    For international information see your local subsidiary technical support site.

    Or get assistance from Avast at: http://www.avast.com/support

    You have SP3 on your Win XP OS and if you plan to switch to Win 7 make sure that your processor and RAM will manage Win 7... with your history of technology issues a reformat/clean install of Win 7 would be a good idea.  Because of the possibility of conflicts, I do not recommend using Windows Defender with Avast or any other resident AV program.  I suggest you uninstall Windows Defender in Control Panel.  MSE and several other AV programs require the removal of Windows Defender in XP (or disabling Defender in Vista and Win 7).

    Kind regards...

  • Uniblue and very dangerous virus/malware scam

    I was doing an internet speed test and saw an advert for Uniblue and noticed that is called with Microsoft. I thought it would be safe to trust Microsoft's word. After the purchase of their product, there are several Trojan horses, backdoors, downloaders, etc. This Uniblue is complete bullshit. I can't believe that Microsoft would let them use their name. This opens my eyes to the point where even Microsoft can't be trusted. The fake anti virus will take over your machine and modify your registry to block any attempt to clean your computer. The fake virus 'Vista anti-virus 2011' will constantly spam you with false reports, while continuing to edit your registry database and other information. It also comes with a bunch of malicious software that steals your personal information such as credit card information, social security, etc. What I want to know is what Microsoft intends to do about it? Or just do, they want money and can care, since this will lead poorly informed customers to buy more security from Microsoft. At this point, I am even thinking of using a Mac. Is this the type of betrayal that a company like Microsoft will put on its customers? This virus is very difficult to remove, usually requiring a complete reformat. If anyone knows what I'm not talking about spreading this news.

    I would like to add the following:

    In March of this year, I purchased Uniblue Registry Booster and System Tweaker.  I used it once and now it will not open again.  I tried to get decent help on their part for the past 3 or 4 weeks without success.  They keep sending instructions that include 20 steps to this end.  I did what he told me and the software won't work.  I asked for a refund, but they have a stupid policy of 60 days.  I came to the conclusion that the company Uniblue is nothing more than a scam.

  • Is it possible to have all my anti virus/malware programs all work together without one stopping the other?

    Is it possible to have all my anti virus/malware programs all work together without one stopping the other?

    I doubt it.

    You should never have more than one security product installed on the PC providing active protection / scanning. This can cause performance problems, system instability and conflicts between programs, and can affect the efficiency of all installed antivirus products. Even if you try to have more than one product installed, with one active and another disabled, the disabled product will probably still have active components and/or drivers installed that will conflict with any other antivirus program.
