Solved

When computer starts, norton blocks 'c:\users\neil\appdata\local\temp\SFT_VER1.1454.0.EXE', but cannot get rid of it, it comes up everytime i start the computer. How can you get ride of them

Posted on 2008-10-14
15
1,123 Views
Last Modified: 2013-11-22
When computer starts, norton blocks 'c:\users\neil\appdata\local\temp\SFT_VER1.1454.0.EXE', but cannot get rid of it, it comes up everytime i start the computer. How can you get ride of it?
0
Comment
Question by:neilmalde11
  • 5
  • 4
  • 4
15 Comments
 

Author Comment

by:neilmalde11
ID: 22716010
I've also run Spyboy and malwarebyte's malware, but this doesn't stop the problem.
The malware program does find the below details and removes 2 threats:


11/10/2008 00:26:02
mbam-log-2008-10-11 (00-26-02).txt

Scan type: Quick Scan
Objects scanned: 49873
Time elapsed: 4 minute(s), 41 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e9073cb1-e4b0-3e7d-b319-90d5733726c8} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e9073cb1-e4b0-3e7d-b319-90d5733726c8} (Trojan.BHO) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Windows\System32\xwr34259.dll (Trojan.BHO) -> Quarantined and deleted successfully.
0
 
LVL 6

Expert Comment

by:JanSchotsmans
ID: 22716011
Try to delete it starting in Safe Mode.

When the computer starts, press F8.

0
 

Author Comment

by:neilmalde11
ID: 22716191
When rebooting in safe mode... the above file was not there.

On restarting, malware was detected by malwarebyte's, and now looking at the folder above the file is there again.... running malwarebyte's... and the file is detected as removed. States it a trojan fake alert.
Problem is that it seems to reappear everytime I restart the computer, how do I stop this recurring?



14/10/2008 22:28:06
mbam-log-2008-10-14 (22-28-06).txt

Scan type: Quick Scan
Objects scanned: 49810
Time elapsed: 3 minute(s), 56 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Users\Neil\AppData\Local\Temp\sft_ver1.1454.0.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
0
 
LVL 6

Expert Comment

by:JanSchotsmans
ID: 22716994
Did you do the scans in Safemode or Full mode?

In Safe mode you have a better chance really detecting and deleting it.

Also, if it keeps comming back, check browser plugins, toolbars, toys, messengers, and all other programs installed on the system that don't really need to be there.
0
 

Author Comment

by:neilmalde11
ID: 22718750
In safe mode malwarebytes doesn't recognise any malware,  and the above file is not there.
0
 
LVL 6

Expert Comment

by:JanSchotsmans
ID: 22718782
When hunting for a virus/spyware/adware, its best to try several products.
Get the following:

http://www.superantispyware.com/ (Super AS)
http://www.adaware.be/ (Ad-Aware)
http://www.safer-networking.org/nl/index.html (Spybot Search and Destroy)

And some virus scanners, you can use the online versions of mcafee and such if you do safemode + networking.
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 

Author Comment

by:neilmalde11
ID: 22718851
have used spybot and ad-aware.. not threats found. Will download superantispyware and give it a go
0
 
LVL 6

Expert Comment

by:JanSchotsmans
ID: 22718893
Spyhunter is supposed to be able to find this trojan family and remove it.

Do you have any information on what variant it might be?
This thing installs itself in quite a few registry keys.

0
 
LVL 23

Expert Comment

by:phototropic
ID: 22726603
Your pc is infected:

http://www.prevx.com/filenames/1381206047980360819-X1/SFT5FVER12E14542E02EEXE.html

Please could you download Hijackthis:

http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download

Download the installer. Run the program. Click on "Do a system scan and save a logfile". Post the scan log here using the "attach code snippet" box below.

NB.  I would treat Spyhunter with caution. The jury is still out as to whether or not this program is legit or malware:

http://forums.spybot.info/showthread.php?t=34089
http://blog.malwareteks.com/spyhunter-should-this-be-listed-as-a-rogue-anti-spyware-application/
0
 

Author Comment

by:neilmalde11
ID: 22726796
I've run the following software:

Spybot
Ad-aware
Malwarebytes
Superantispyware
Norton
Panda online scanner
HiJack this

They have found and deleted malware, and it seems that 'sft_ver1.1454.0.exe' is not appearing anymore. This file was only detected by malwarebytes. Also doesn't seem like there any infection/virus//malware left as everything seems to be running normally now. No more alerts are coming up.

Though the Panda online scanner did bring up a few things.

I've included the logs from these programs. (hijack this and Panda)

thanks

Neil
Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 23:57:54, on 15/10/2008

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal
 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\WDBtnMgr.exe

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe

C:\Program Files\Roxio\Media Experience\DMXLauncher.exe

C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe

C:\Program Files\Java\jre1.6.0\bin\jusched.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe

C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\Program Files\Dell Support Center\bin\sprtcmd.exe

C:\Program Files\Kontiki\KHost.exe

C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\DellSupport\DSAgnt.exe

C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\My Book\WD Backup\uBBMonitor.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Internet Explorer\ieuser.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll

O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe

O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"

O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\Media Experience\DMXLauncher.exe"

O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"

O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe

O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe"

O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

O4 - HKLM\..\Run: [4oD] "C:\Program Files\Kontiki\KHost.exe" -all

O4 - HKLM\..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe

O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [kdx] "C:\Program Files\Kontiki\KHost.exe" -all

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup

O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: WD Backup Monitor.lnk = C:\Program Files\My Book\WD Backup\uBBMonitor.exe

O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O13 - Gopher Prefix: 

O16 - DPF: {2A493D5F-8914-4D3E-8BF3-767F281862F4} (TraderMediaImgX Control) - http://sell.autotrader.co.uk/uk-ola/common/TraderMediaX.cab

O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe

O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe

O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE

O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe (file missing)

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe

O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe

O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Common Files\Sonic Shared\RoxioUpnpService9.exe

O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\STacSV.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
 

--

End of file - 12618 bytes

Open in new window

Panda.txt
0
 
LVL 23

Accepted Solution

by:
phototropic earned 500 total points
ID: 22728739
Your HJT log looks clean.
However, Panda has flaged a bunch of tracking cookies, and the following:

C:\Windows\System32\wr34259.dll
C:\ProgramData\hebupali\tgtonypq.exe
C:\Users\Neil\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B0LN2U6L\wEvkx1zFE1[1].exe
C:\Users\Neil\AppData\Local\Temp\bqpudofq.exe

Please could you upload these files here:

 http://virusscan.jotti.org/

and post the result.

I would now clear your temp. file cache using something like Cleanup:

http://www.stevengould.org/index.php?option=com_content&task=view&id=29&Itemid=223

Next step would be to run Combofix.  Download and tutorial:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Please post the log here.

And finally, I don't want to lecture you, but this:

C:\Users\Neil\Documents\Keygen.exe

is never a good idea.  One of the main sources of malware (along with adult sites, P2P and fake codecs) is cracks and keygen downloads.
0
 
LVL 23

Expert Comment

by:phototropic
ID: 22746104
"...neilmalde11 has requested that this question be closed by accepting neilmalde11's comment #22726796 (0 points) as the solution for the following reason:
                                         none..."

Huh???  neilmalde11's comment #22726796 is a Hijackthis and Panda scan log which I went to the trouble of analysing and making suggestions for futher work towards resolving the issue.
How can a log of a system scan which is specifically posted for experts to comment on be a solution?


0
 
LVL 23

Expert Comment

by:phototropic
ID: 22747491
"...neilmalde11 has requested that this question be closed by accepting neilmalde11's comment #22726796 (0 points) as the solution for the following reason:
                                         none..."

Huh???  neilmalde11's comment #22726796 is a Hijackthis and Panda scan log which I went to the trouble of analysing and making suggestions for futher work towards resolving the issue.
How can a log of a system scan which is specifically posted for experts to comment on be a solution?
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Exchange 2010 DAG 8 92
Run .exe file from network share 2 68
Add domain in Barracuda Email Security Gateway virtual appliance 4 69
How to remove Odin ransomware ? 11 181
To Remove Security Suite for Windows Malware from a Windows XP Machine:  Restart computer in Safe Mode (to do this see http://tinyurl.com/me78p) Login as Administrator Go to My Computer /Tools/ Folder Options/ View/  check mark the selectio…
It started not too long ago. It was at first annoying. My keystrokes seemed to be randomly generated, not the ones I typed on the keyboard. For some reason this only happened in certain applications (especially browsers such as IE11, Firefox and Chr…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now