Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

My computer takes me elsewhere


  • Please log in to reply
15 replies to this topic

#1 Naniwazu

Naniwazu

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:24 AM

Posted 12 April 2011 - 08:58 AM

I installed Emsisoft(30 day free trial after that 40 Dollars/year) and they found 49 threats. 2 left they told me to go on thier forum to ask them to remove them manually. Still awaiting their anwer. In the meantime I still have the same problem, altough not as bad but still either I am taken to another page (same pages like LOCALDOUBLE.COM) or a page is simply "added" to the one I am trying to open.

Also have a virus I need to shake that prevents automatic updates.

Dowloaded free ANTIVIR.
But not enough.

Tried to download AVAST and KASPERSKY but both are incompatible with my free antivirus and both ask me to remove it first.

Also I am oftentimes taken to pages that "offer me antivirus help" without my looking for them first (Spam).
Either the 2 viruses left cause the problem or I have some more that Antivir and Emsisoft did not detect.

I need 3 ANTIVIRUS that a compatible together. preferably FREE.
or at least 1 I buy and 2 free that are all compatible together.
Please help!!!

Edited by hamluis, 12 April 2011 - 10:14 AM.
Moved from XP to Am I Infected.


BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 32,852 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:24 AM

Posted 12 April 2011 - 01:57 PM

Before doing anything if you have not already done so, you should back up all your important documents, personal data files and photos to a CD or DVD drive as some infections may render your computer unbootable during or before the disinfection process. The safest practice is not to backup any files with the following file extensions: exe, .scr, .ini, .htm, .html, .php, .asp, .xml, .zip, .rar, .cab as they may be infected.

Please follow these instructions: How to remove Google Redirects or the TDSS, TDL3, Alureon rootkit using TDSSKiller
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • When the program opens, click the Start Scan button.
  • Any objects found, will show in the Scan results - Select action for found objects and offer three options.
  • If an infected file is detected, the default action will be Cure...do not change it.

    Posted Image
  • Click Continue > Reboot now to finish the cleaning process.<- Important!!

    Posted Image
  • If 'Suspicious' objects are detected, you will be given the option to Skip or Quarantine. Skip will be the default selection. Leave it as such for now.
  • A log file named TDSSKiller_version_date_time_log.txt will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.
-- For any files detected as 'Suspicious' (except those identified as Forged to be cured after reboot) get a second opinion by submitting to Jotti's virusscan or VirusTotal. In the "File to upload & scan" box, browse to the location of the suspicious file and submit (upload) it for scanning/analysis.

Step 7 instructs you to scan your computer using Malwarebytes Anti-Malware. Don't forget to check for database definition updates through the program's interface (preferable method) before scanning.

Malwarebytes' may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • After completing the scan, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab .
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes' when done.
Note: If Malwarebytes' encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes' from removing all the malware.

-- Some types of malware will target Malwarebytes Anti-Malware and other security tools to keep them from running properly. If that's the case, please refer to the suggestions provided in For those having trouble running Malwarebytes Anti-Malware as you may need to rename it or use RKill by Grinler.


IMPORTANT NOTE: Using more than one anti-virus program is not advisable. Why? The primary concern with doing so is due to conflicts that can arise when they are running in real-time mode simultaneously and issues with Windows resource management. Even if one of them is disabled for use as a stand-alone scanner, it can affect the other and cause conflicts. Anti-virus software components insert themselves into the operating systems core and using more than one can cause instability, crash your computer, slow performance and waste system resources. When actively running in the background while connected to the Internet, they both may try to update their definition databases at the same time. As the programs compete for resources required to download the necessary files this often can result in sluggish system performance or unresponsive behavior.

Each anti-virus may interpret the activity of the other as suspicious behavior and there is a greater chance of them alerting you to a "False Positive". If one finds a virus or a suspicious file and then the other also finds the same, both programs will be competing over exclusive rights on dealing with that virus or suspicious file. Each anti-virus may attempt to remove the offending file and quarantine it at the same time resulting in a resource management issue as to which program gets permission to act first. If one anit-virus finds and quarantines the file before the other one does, then you encounter the problem of both wanting to scan each other's zipped or archived files and each reporting the other's quarantined contents. This can lead to a repetitive cycle of endless alerts that continually warn you that a threat has been found when that is not the case.

Anti-virus scanners use virus definitions to check for malware and these can include a fragment of the virus code which may be recognized by other anti-virus programs as the virus itself. Because of this, many anti-virus vendors encrypt their definitions so that they do not trigger a false alarm when scanned by other security programs. Other vendors do not encrypt their definitions and they can trigger false alarms when detected by the resident anti-virus. Further, dual installation is not always possible because most of the newer anti-virus programs will detect the presence of others and may insist they be removed prior to download and installation of another. If the installation does complete with another anti-virus already installed, you may encounter issues like system freezing, unresponsiveness or similar symptoms while trying to use it.

To avoid these problems, use only one anti-virus solution.

Anti-virus vendors recommend that you install and run only one anti-virus program at a timeYou can always supplement your anti-virus by performing an Online Virus Scan.

Edited by quietman7, 12 April 2011 - 01:59 PM.

Microsoft MVP - Consumer Security 2007-2014 MVP.gif

Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#3 Naniwazu

Naniwazu
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:24 AM

Posted 13 April 2011 - 07:18 PM

Thanks!

The Rootkit killer detected one threat:Rootkit.Win32.TDSS.td14
It asked me to CURE it and to reboot which I did.
I checked again with a second scan to make sure it was gone and it was!!! They said "No threat detected".
Now when I go on the Internet, I can browse again, without being redirected. (Hopefully it stays that way!!!)

Malewarebytes was finally able to FIND suspicious objects (Which it did not previously): below is the log:

******But before you view it, I still have a problem with my Windows Security Center that tells me that my automatic updates IS TURNED OFF (which of course is not; it is some OTHER virus that does that.
When I try to go on Microsoft help website to correct that/download updates, the virus RESETS the connection and I can't go there.
Do you have any idea how to SHAKE this particular virus?
Thanks! :-)

*******You said that several antivirus downloaded might consider each other as threats. I understand.
On top of having Emsisoft free 30 day trial, I have a free antivirus (Antivir)
I downloaded Windows Defender too.
Tell me what do you think. Shall I buy the license for Emsisoft after the 30 day trial?
Thanks! :-)

LOG: (note: this log was before I took action. I quarantined and removed all items.)
====

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6326

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

4/11/2011 12:09:39 AM
mbam-log-2011-04-11 (00-09-35).txt

Scan type: Full scan (C:\|D:\|E:\|)
Objects scanned: 260686
Time elapsed: 34 minute(s), 12 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 5

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Documents and Settings\James Crews.HERBIE153\Local Settings\Application Data\fqk.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe") Good: (firefox.exe) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Documents and Settings\James Crews.HERBIE153\Local Settings\Application Data\fqk.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode) Good: (firefox.exe -safe-mode) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Documents and Settings\James Crews.HERBIE153\Local Settings\Application Data\fqk.exe" -a "C:\Program Files\Internet Explorer\iexplore.exe") Good: (iexplore.exe) -> No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\system volume information\_restore{7fa7481d-784b-4f08-9722-a242e485603d}\RP20\A0092724.exe (Trojan.FakeAlert) -> No action taken.
c:\system volume information\_restore{7fa7481d-784b-4f08-9722-a242e485603d}\RP20\A0092973.exe (Trojan.FakeAlert) -> No action taken.
c:\system volume information\_restore{7fa7481d-784b-4f08-9722-a242e485603d}\RP21\A0098720.exe (Trojan.Agent) -> No action taken.
c:\system volume information\_restore{7fa7481d-784b-4f08-9722-a242e485603d}\RP21\A0100373.exe (Trojan.Agent) -> No action taken.
c:\system volume information\_restore{7fa7481d-784b-4f08-9722-a242e485603d}\RP24\A0106716.exe (Trojan.FakeAV.Gen) ->\

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 32,852 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:24 AM

Posted 14 April 2011 - 08:12 AM

The Rootkit killer detected one threat:Rootkit.Win32.TDSS.td14

That means a TDSS rootkit infected the Master Boot Record (MBR) on your computer.

This particular malware alters the MBR of the system drive to ensure persistent execution of malicious code. Essentially, it overwrites the MBR of the hard disk with its own code and stores a copy of the original MBR at another sector using rootkit techniques to hide itself. For more specific analysis and explanation of the infection, please refer to:
Rescan again with Malwarebytes Anti-Malware (Quick Scan) in normal mode and check all items found for removal. Don't forgot to check for database definition updates through the program's interface (preferable method) before scanning and to reboot afterwards. Failure to reboot normally will prevent Malwarebytes' from removing all the malware. When done, click the Logs tab and copy/paste the contents of the new report in your next reply.

The database in your previous log shows 6326. Last I checked it was 6361.

Please perform a scan with Eset Online Anti-virus Scanner.
  • If using Mozilla Firefox, you will be prompted to download and use the ESET Smart Installer. Just double-click on esetsmartinstaller_enu.exe to install.
  • Vista/Windows 7 users need to run Internet Explorer/Firefox as Administrator. To do this, right-click on the IE icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run As Administrator from the context menu.[/color][/i]
  • Click the green Posted Image button.
  • Read the End User License Agreement and check the box:
  • Check Posted Image.
  • Click the Posted Image button.
  • Accept any security warnings from your browser and allow the download/installation of any require files.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click the Start button.
  • ESET will install itself, download virus signature database updates, and begin scanning your computer.
  • The scan will take a while so be patient and do NOT use the computer while the scan is running. Keep all other programs and windows closed.
    If given the option (when threats are found), choose "Quarantine" instead of delete.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop as ESETScan.txt.
  • Push the Posted Image button, then Finish.
  • Copy and paste the contents of ESETScan.txt in your next reply.

Windows Security Center that tells me that my automatic updates IS TURNED OFF of course is not; it is some OTHER virus that does that

Yes malware can disable it but so can some anti-virus programs to prevent conflicts, duplicate warnings and allow them to manage control of the Security Center. Installing/uninstalling several anti-virus programs could create a mess in the registry where the keys are kept.


Shall I buy the license for Emsisoft after the 30 day trial?

Emsisoft (a-squared) products are prone to "false positives" and they even acknowledge this.

...Sometimes security software falsely identifies important crucial system components as a threat (hence the term False Positives - FP).

Removing/deleting critical system files, even temporarily, can make a system crash. Sometimes the system will recover after a reboot, and sometimes it will not. Therefore, you may not be able to start your system. Special system restore measures may be needed, or even a full system re-installation...If detections are FP's, you run the risk of rendering your system inoperable...

a-squared HiJackFree: Using security Software to scan data
a-squared Anti-Malware: Using security Software to scan data
a-squared Free: Using security Software to scan data

...the Anti-Malware Scanner looks for files, folders, registry entries and Tracking Cookies that are typically created by Spyware programs. Traces are exactly these trails that Spyware leaves behind...This approach has both advantages and disadvantages for Malware recognition...The negative side is that it provides a relatively inexact, or insufficiently differentiated to be more precise, Malware recognition. Benign software can be falsely recognized, for example, if it uses the same file name or folder as a dangerous Spyware program.

Software discovered via Traces should therefore first be double-checked to see if it is actually Malware before it is finally deleted...

Spyware Traces in Detail

If you're going to use Emsisoft (a-squared) products, get a second opinion on suspicious or questionable file detections by submitting them to Jotti's virusscan or VirusTotal. In the "File to upload & scan" box, browse to the location of the suspicious file(s) and submit (upload) it for scanning/analysis. If there are multiple file detections you're not sure about, then perform an Online Virus Scan like ESET or Kaspersky.

If you suspect the detection was a false positive, then report it to Emsisoft Support so they can investigate or submit samples to their research lab.
Microsoft MVP - Consumer Security 2007-2014 MVP.gif

Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#5 Naniwazu1

Naniwazu1

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:03:24 AM

Posted 15 April 2011 - 12:16 PM

Since we last talked, I scanned one last time with Emsisoft free 30 day trial version: they removed all threats but 2.
Then I removed Emsisoft, after reading that Emsisoft caused many good programs not to work, and replaced it with Superantispyware.

Removing Emsisoft helped my Windows Defender do a scan (finally, before it would not work).

After that I scanned with my Antivir and with Superantispyware; both could not remove 2 items: the same 2 items Emsisoft could not remove! These 2 items are still there.)

Then I tried to download Microsoft Fixit program because my Windows Security Center still tells me to turn my automatic updates on, which they are on, but somehow the virus prevents them from turnin on.

http://support.microsoft.com/kb/971058#FixedAlways


Microsoft fixit is said to RESETS Windows Update components), so I tried the non aggressive version first. It did nothing. When I clicked "Run" nothing happened.

I then tried the AGGRESSIVE WAY; still nothing, nothing will open. A message pops that tell me that "no cd" were found.
Therefore I cannot go further manually to remove it with my Command Prompt.

I don't know if the virus/trojan removed the "cd" file so I cannot upload or if it simply INCAPACITATES it or renders it INVISIBLE (hides it).

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 32,852 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:24 AM

Posted 15 April 2011 - 11:23 PM

Some infections are difficult to remove completely because of their morphing characteristics which allows the malware to regenerate itself or infect critical system files which cannot be cleaned. Sometimes there is an undetected hidden piece of malware such as a rootkit which protects malicious files and registry keys so they cannot be permanently deleted. Disinfection will probably require the use of more powerful tools than we recommend in this forum. Before that can be done you will need you to create and post a DDS log for further investigation.

Please read the "Preparation Guide".
  • If you cannot complete a step, then skip it and continue with the next.
  • In Step 7 there are instructions for downloading and running DDS which will create a Pseudo HJT Report as part of its log.
When you have done that, post your log in the Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT here, for assistance by the Malware Response Team Experts. A member of the Team will walk you through, step by step, on how to clean your computer. If you post your log back in this thread, the response from the Malware Response Team will be delayed because your post will have to be moved. This means it will fall in line behind any others posted that same day.

Start a new topic, give it a relevant title and post your log along with a brief description of your problem, a summary of any anti-malware tools you have used and a summary of any steps that you have performed on your own. An expert will analyze your log and reply with instructions advising you what to fix. After doing this, please reply back here with a link to the new topic so we can closed this one.

Note: If you cannot create any logs, then still start a new topic, explain that you followed the Prep Guide but were unable to create the required logs. It would also be helpful if you include a description of what happened when you tried to create your logs.
Microsoft MVP - Consumer Security 2007-2014 MVP.gif

Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#7 Naniwazu

Naniwazu
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:24 AM

Posted 19 April 2011 - 07:43 PM

I cannot find my yesterday reply (with all my scan logs) on the "Virus, Trojan, Spyware Forum." SO THAT I COULD FOLLOW UP WITH YOU AND KNOW WHAT TO DO.


Reason is my computer behaved strangely after I started scanning with Antivir, (about 15 minutes ago), which found all kinds of threats.

(they would not let me read the entire names of the threats; all I could see was the beginning of the names:
DMD Bancos Keylogger that captures... critical
CNNIC Update U a program that downloads... Very high
V Malum AWS Trojan Any program with... High
Advanced Stealth "email R. critical
Ld PinchV Keylogger that captures... critical

then my Windows Security UPdate would try to make me buy the full version or continue unprotected.
they came with a windows that said "mpcmdrun.exe is damaged"

And when I tried to go ON THIS FORUM, they told me that this site was a dangerous site with dangerous dowloads.
I dare not LOG INTO this other LOGIN ACCOUNT I created on my computer!


That is why I replied on this topic. I had bookmarked the link on the other USER ACCOUNT on my computer...

==========

I am addign this extra information on WEDNESDAY 20 APRIL 2011:
I believe that the scan above WAS A FAKE SCAN FROM A VIRUS, which virus I have encountered before, ever since I got infected.

I tried to log on my old user name but the virus is still there and won't let me open ANY PROGRAM, so I DUMPED the account.

Bottom line I still have some kind of infection that prevents me from downloading critical AUTOMATIC UPDATES.
Please tell me what to do. :-)
:o

Please HELP!!!

Edited by Naniwazu, 20 April 2011 - 07:42 AM.


#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 32,852 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:24 AM

Posted 20 April 2011 - 09:36 AM

I cannot find my yesterday reply (with all my scan logs) on the "Virus, Trojan, Spyware Forum." SO THAT I COULD FOLLOW UP WITH YOU AND KNOW WHAT TO DO.

This is the only topic I can find for you. It was moved from the XP forum to this one.

From what you describe, you're getting bogus alerts...just ignore them and post your logs in the appropriate forum as instructed in my previous reply.
Microsoft MVP - Consumer Security 2007-2014 MVP.gif

Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#9 Naniwazu

Naniwazu
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:24 AM

Posted 21 April 2011 - 09:18 AM

Remember I cannot log on with my second avatar Naniwazu 1.

I have to go on now with the avatar I first created on this website (Naniwazu).

Just give me the link to my LAST answer under the avatar Naniwazu and I will go to Naniwazu 1, copy my logs and paste them on the Naniwazu link. :)

Edited by Naniwazu, 21 April 2011 - 09:21 AM.


#10 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 32,852 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:24 AM

Posted 21 April 2011 - 09:56 AM

I did not realize you posted your logs under the user Naniwazu1 which explains why I could not find it.

That topic is here. When someone replies with assistance, you should be able to reply with any user name so there is no need to start a new thread. However, be sure to advise the helper you are the same poster as the one who started the topic and why you changed user names.

Please DO NOT "bump" your post or make another reply until it has been responded to by a member of the Malware Response Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another Malware Response Team member is already assisting you and not open the thread to respond. I removed your subsequent reply for the reasons indicated so it shows 0 replies again.
Microsoft MVP - Consumer Security 2007-2014 MVP.gif

Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#11 Naniwazu

Naniwazu
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:24 AM

Posted 24 April 2011 - 07:40 AM

I am still waiting for an answer from you regarding my automatic updates which won't turn on.

My defogger is still disabled and I NEED to use this computer function.

My problem boils down to automatic updates which won't turn on. I know it's a VIRUS.
That same virus is what I believe what DISABLED my antivirus AVAST and made this program unable to connect to the Internet!!!

(Tried to RE ENABLE DEFOGGER but I receive AN ERROR MESSAGE that says " DEFOGGER - ERROR" UNABLE TO OPEN FILE.

PLEASE HELP!!!!!!!!!!

#12 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 32,852 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:24 AM

Posted 24 April 2011 - 05:49 PM

While we understand your frustration at having to wait, please note that Bleeping Computer deals with several hundred requests for assistance such as yours on a daily basis. As a result, requests for help are not always answered in a timely manner. Although our staff work on hundreds of requests each day, they are all volunteers who contribute to helping members as time permits. No one is paid by Bleeping Computer for their assistance to our members.

New and more devious malware infections are released almost daily. It then takes time to investigate, analyze and test removal techniques before we can help members like yourself. Doing that means that we sacrifice speed of response for a quality response that will help remove the malware more effectively.

Further, our First Responder staff is comprised of team members with various levels of skill and expertise to deal with thousands of malware variants, some more complex than others. Not all staff members have access to or are familiar with every type of operating system version...some may only have Windows XP as they cannot afford to upgrade while others may only have Vista or Windows 7.

Although your topic looks lost in the queue of many pages where others have posted for help since you did, please be patient. It may take a while to get a response but your topic will be answered as soon as possible.

Thank you for understanding.
The BC Staff
Microsoft MVP - Consumer Security 2007-2014 MVP.gif

Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#13 Naniwazu

Naniwazu
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:24 AM

Posted 24 April 2011 - 07:11 PM

Thanks!!! :)

#14 Naniwazu

Naniwazu
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:24 AM

Posted 29 April 2011 - 08:06 AM

As you know my computer is running rather smoothly, but cannot check for Windows definition updates.
Even my Windows Defender cannot check for definition updates.

So today I clicked on the link provided by Windows Defender:

http://support.microsoft.com/kb/918355#Advanced_troubleshooting

And they gave me this report, asking me to check what was wrong:

Quote:
Some unexpected errors have happened to software you recently used. You were not asked to send these error reports at the time they occurred. TO help improve the software you use, Microsoft is interested in learning more about these errors. We ahve created reports about the errors for you to send to us. The reports will be treated as confidential and anonymous.
Send report now.
Unquote

They gave me this report telling me that it was 2 MALWARE PROGRAMS that were doing it.

Quote:
Date Time Application Error description size explanation
4/29 7:35:03 Malware Sig unexpected 395 bytes
4/29 7:3509 Malware Sig unexpected 395 bytes

Hope this helps! :)

Edited by Naniwazu, 29 April 2011 - 08:15 AM.


#15 Naniwazu

Naniwazu
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:24 AM

Posted 30 April 2011 - 07:43 AM

Since I posted my last post, I was able to download MANUALLY the Windows Defender updates by following this link:

http://forums.techarena.in/windows-security/785456.htm

Remained my Windows Automatic updates. After going on this link (below) it was successful and now my Window Security Center is working fine!!! :-)

http://www.brighthub.com/computing/windows-platform/articles/33002.aspx

So far, everything works fine. I avoid to go to "free websites" which are loaded with viruses. As soon as I can afford, I will buy a good antivirus.

Question:
What is the best and the cheapest??? ;-)

ONE more thing (forgot):
HOW DO I TURN MY CD DRIVE BACK ON??? (When I installed my defogger, I turned it off and I cannot turn it back on)! I need to download some software and I can't...


Thanks!

Edited by Naniwazu, 30 April 2011 - 08:07 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users