Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

password protected malware


  • Please log in to reply
3 replies to this topic

#1 somae

somae

  • Members
  • 87 posts
  • OFFLINE
  •  
  • Local time:07:28 AM

Posted 16 September 2017 - 09:20 PM

I've had this problem for quite awhile. The computer suddenly starts rebooting over and over.

 

I'm running windows 7 pro x64 on an asus computer.

 

I had been using bitdefender free antivirus but started wondering if it was causing the problem. The problem started around the time that bitdefender brought up a pop-up saying that a new version was available. When I clicked on it it wouldn't install. I ran a virus scan of the whole c: drive and it found 1 item that it said it couldn't remove because it was password protected.

 

I switched to windows defender/essentials.

 

I also suspected the problem was related to a new optical mouse and to usb ports. The rebooting seemed to stop when I would switch the port that the usb was plugged into. I then noticed that the usb controller driver was missing from the device manager. I downloaded the usb drivers from asus and the problem seemed solved, but it's started up again.

 

I now have a ps/2 keyboard and ps/2 mouse plugged into a usb adapter which is plugged into a usb port. It seemed like the problem started when I switched from a ps/2 mouse (with a mouse ball) to a usb optical mouse (laser).

 

In any case, I've still got the password protected malware and am wondering how to remove it. Bitdefender listed it as existing in the thunderbird directory : This is the log from it:

 

[code=auto:0]An On Demand scan has completed.
The scan took: 01:07:31
Files scanned: 682222
Infected items detected: 1
Files known to be clean: 306875
Scan Paths
Path    Status
C:\    completed
Scan Results
No infected items have been found.
Ignored items
The following files could not be scanned due to insufficient privileges.
File Name    Action
c:\users\....\appdata\roaming\thunderbird\profiles............default\mail\....\inbox    None (password protected)
 

 

Thanks for any help.



BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,314 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:28 AM

Posted 17 September 2017 - 07:02 AM

If you still have Bit Defender installed and up to date....then try scanning in Safe Mode. The reason I suggest that is because

of what is stated in article copied below. Especially if this computer is not a business computer being managed by an IT administrator.

 

  • The ProfilePassword extension requires a user to enter a password in order to use the profile. It is trivial to bypass by running in safe mode (to disable the extension) or by using a text editor such as Notepad to read the text files that Thunderbird stores the messages in. This method may be sufficient if other people accessing the same computer are not technical or if they are unlikely to deliberately snoop.
  • The master password is meant to protect your stored passwords, not your profile. If you configure one it will prompt the user for a master password when they run Thunderbird. However, if you press the X control or the cancel button three times its replaced by a prompt for the accounts password , which you can cancel. This method is not recommended, but some users might find it sufficient for casual snoopers. Another solution would be to use a free password manager that can auto-type passwords such as Keepass. The Keepass Helper add-on "Adds a hostname, URL, or email account ID to the application's window name (e.g., that of Firefox or Thunderbird) to make it recognizable to password manager utilities like KeePass."
  • If you have multiple users on a machine, create a separate Windows user account for each person. Typically this will prevent anybody without admin privileges on that PC from accessing your profile. The easiest way for somebody to bypass that would be to boot another operating system using a bootable rescue CD or flash drive.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 somae

somae
  • Topic Starter

  • Members
  • 87 posts
  • OFFLINE
  •  
  • Local time:07:28 AM

Posted 18 September 2017 - 06:24 AM

I didn't understand the article you posted. I use thunderbird. It doesn't ask for a password except for when setting up an email account. Each account has it's own password that is the password for the account on the web. I.e., there is a password for je@yahoo and another one for mq@verizon. These passwords are stored in a master list and it isn't necessary to enter them when the program downloads messages.

 

I no longer am using bitdefender but might try it again.



#4 buddy215

buddy215

  • Moderator
  • 13,314 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:28 AM

Posted 18 September 2017 - 06:35 AM

Okay...it is likely that there is no malware. You can scan using Eset Online Scanner for free. If it finds anything post the scan log.

 

Download and run the FREE online scanner from Free Virus Scan | Online Virus Scan from ESET | ESET

  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users