Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Prevx reports Cloaked Malware


  • This topic is locked This topic is locked
5 replies to this topic

#1 matthewh

matthewh

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:02:09 PM

Posted 14 December 2011 - 06:04 PM

Prexv 3.0 scan reports cloaked malware in weathereye.exe. What do I do?

Edit: Merged Malware Log forum topic with no logs to this topic to maintain continuity and avoid confusing everyone with two vectors of help. ~ Animal

BC AdBot (Login to Remove)

 


#2 matthewh

matthewh
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:02:09 PM

Posted 14 December 2011 - 06:09 PM

DDS will only return a text file filled with gibberish.

#3 matthewh

matthewh
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:02:09 PM

Posted 14 December 2011 - 06:23 PM

Thanks Animal, sorry for posting twice but I was not sure which area I should start in. Technically I can not seem to get DDS to work and have no log yet anyways!

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,479 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:09 PM

Posted 14 December 2011 - 06:23 PM

Prevx is prone to false positives so get a second opinion by submitting it to one of the following online services that analyzes suspicious files:In the "File to Scan" (Upload or Submit) box, browse to the location of the suspicious file and submit (upload) it for scanning/analysis. If you get a message saying "File has already been analyzed", click Reanalyze or Scan again.

DDS will only return a text file filled with gibberish.

Do you have or ever had AutoCAD installed on your computer? If so, .scr extensions are AutoCAD script extensions and DDS.scr will not run properly unless that is fixed. When attempts to run the tool are made it opens in Notepad with non-readable characters as you describe.

DDS logs are not permitted in this forum. Referrals are made to the Virus, Trojan, Spyware, and Malware Removal Logs forum if we cannot assist you here or more powerful tools are required for disinfection.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 matthewh

matthewh
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:02:09 PM

Posted 14 December 2011 - 06:31 PM

Thanks for such a quick reply! I have a DDS log now and it is not gibberish, so I will make a new thread in that other area. I never knew that about prevx but I am noticing other signs that show I am infected. The log will hopefully show what is going on.

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,479 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:09 PM

Posted 15 December 2011 - 07:55 AM

Your log(s) is posted here.

Now that your log is posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Response Team member...nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make on your own may cause confusion for the member assisting you and could complicate the malware removal process or make things worst which would extend the time it takes to clean your computer.

From this point on the Malware Response Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take several days to get a response because the Malware Response Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have posted your log and are waiting, please DO NOT "bump" your post or make another reply until it has been responded to by a member of the Malware Response Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another Malware Response Team member is already assisting you and not open the thread to respond.

If HelpBot replies to your topic, please follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic until you are cleared by the Malware Response Team. If you still need assistance after your log has been reviewed and you have been cleared, please PM me or another moderator and we will re-open this topic.

Good luck with your log.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users