Explore topic-wise InterviewSolutions in .

So now I have tried to reformat via factory files within the computer and it has seized up, maybe because of the virus, I don't know. I don't think he has a disc supplied at purchase.

So now I have tried to reformat via factory files within the computer

• Click on to download the ESET Smart Installer. Save it to your desktop.
  
• Double click on the icon on your desktop.
  

• Leave the check mark next to Remove found threats.
  

Hey Dave, after doing the instructions you gave me in the last post, my computer got a lot faster:). Thankyou very much for helping me with malware this time, and I learnt a lot. I am thinking of installing WOT instead of AVG too.

Whitebeard1

DisregardQuote

Just became aware that the pop-ups are only occurring in firefox.

• Download RogueKiller on the desktop
  
• Close all the running programs
• Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
  
• Otherwise just double-click on RogueKiller.exe
  
• Pre-scan will start. LET it finish.
• Click on SCAN button.
  
• A report (RKreport.txt) should open. Post its content in your next reply. (RKreport could also be found on your desktop)
  
• If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again
  

Unistalled and re-installed Firefox

• Click the Start button. Click Run. For Vista: type in Run in the Start search, and click on Run in the results pane.
  
• In the field, type in ComboFix /uninstall
  

• Then, press Enter, or click OK.
  
• This will uninstall ComboFix, delete its folders and files, hides System files and folders, and resets System Restore.
  

Did MS Fix-It do any good?

I'd like to scan your machine with ESET OnlineScan

•Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan

•Click the button.
•For alternate browsers only: (Microsoft Internet Explorer users can SKIP these steps)

• Click on to download the ESET Smart Installer. Save it to your desktop.
  
• Double click on the icon on your desktop.
  

• Leave the check mark next to Remove found threats.
  

I still have an ALLSEARCH that comes up when I start Google Chrome. Is there a way to get rid of it.

No adds since we ran the junk removal!! I HOPE all is well. Thank you!!No adds since we ran the junk removal!! I hope all is well. Thank you!!No adds since we ran the junk removal!! I hope all is well. Thank you!!
Sorry I REPLIED three times. I didn't see that there was a second page. Ok, LET's clean up.

Click Start> Computer> right click the C Drive and choose Properties> enter
Click Disk Cleanup from there.



Click OK on the Disk Cleanup Screen.
Click Yes on the Confirmation screen.



This runs the Disk Cleanup utility along with other SELECTIONS if you have chosen any. (if you had a lot System Restore points, you will see a significant change in the free space in C drive)
*****************************************
Go to Microsoft Windows Update and get all critical updates.

----------

I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you SAFE from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly.
Safe Surfing!

Up to now, I've been combing the internet for the solution to this problem, and even with all the solutions I've been offered, I've turned up empty handed. Nothing has worked. The problem is, even after DELETING all FILES associated with it, that I could find, there is STILL this one shady extension on my browser. It was "installed by enterprise policy" as it says right next to it, as seen here:

Notice how the delete button is gone? Me, too. How am I supposed to get rid of it!? I just have this gut feeling, that this thing is the root of all my Bettersurf issues. While waiting for our Malware Specialist to reply, please do the following if you have not already done so:

1) Open PROGRAMS & Features (or Add/Remove if you are running XP) from the CONTROL panel. Sort on the DATE column. Uninstall anything recently installed that relates to BetterSurf

2) Download and run the free version of MalwareBytes.

If after doing the above the problem persists, please wait for SuperDave (our malware specialist) to respond.I think I resolved the problem on my own... Thank you for your help, though!That was quick, but okay - glad you got it sorted out - I'm going to lock this thread. If the problem reappears please pm me and I'll reopen it.

Hi Dave, followed all steps from last post..... Can't tell you enough how GRATEFUL i am, you all do a great service for computer illiterate FOLKS like myself. THANK You very much !!!!You're welcome. I will lock this thread. If you need it re-opened, please SEND me a pm.

How's your computer running now?

I'd like to scan your machine with ESET OnlineScan

•Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan

•Click the button.
•For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

• Click on to download the ESET Smart Installer. Save it to your desktop.
  
• Double click on the icon on your desktop.
  

• Leave the check mark next to Remove found threats.
  

IM thinking about just deleting the old profile and sticking with the new one I made since it seems to run fine. I ran ESET with no infections found.

• Click the Start button. Click Run. For Vista: type in Run in the Start search, and click on Run in the results pane.
  
• In the field, type in ComboFix /uninstall
  

• Then, press Enter, or click OK.
  
• This will uninstall ComboFix, delete its folders and files, hides System files and folders, and resets System Restore.
  

I discussed with a IT friend of mine, and he said Antivirus is not enough, but I THINK an Antivirus + malware SOFTWARE will be better. However, he provided the this link http://secureconnexion.wordpress.com/2012/09/13/second-opinion-malware-scanners-why-buy-one/

But after reading that, I still not quite understand why he said antivirus is enough

Could anyone please help, if possible, please give me more references on why antivirus is enough in the system, thank youHere's what I use:

Kaspersky Anti Virus
SpywareBlaster (updated weekly)
MalwareBytes (manual scans monthly)
WinPatrol Plus

But no matter how much protection you have installed, NOTHING will replace common sense (ie., do not open email from unknown sources or click on links in email unless you are 100% certain you know what they are, do not visit QUESTIONABLE websites, do not click on links in websites unless you are certain you know what they are, always download the latest updates from Microsoft to keep your OS and browser secure, etc.).Thanks for your quick reply Allan, say if you only use Kaspersky Anti Virus, but not the rest program, will your system as strong as when u use all those 4 programs, thank youNook, I got it, thank you very muchYou're welcome.Most AV's also have a malware component. This is what I use on all my computers.

Microsoft Security Essentials for Windows Vista\Windows 7 - 64 bit Download
Microsoft Security Essentials for Windows XPQuote from: SuperDave on September 27, 2012, 04:07:24 PM

Most AV's also have a malware component. This is what I use on all my computers.

Microsoft Security Essentials for Windows Vista\Windows 7 - 64 bit Download
Microsoft Security Essentials for Windows XP

If you do not have a legal version of Windows we can no longer be of assistance to you.

The other day, while doing an AVG virus scan, I was informed that a "corrupted executable file" had been detected and placed in the virus vault. It seems to have SOMETHING to do with flashplayer.

Although I'm reasonably CONFIDENT that AVG did its job and blocked this-I'm confused as to where it came from and how DANGEROUS it potentially was/is.

Any info anyone could provide would be greatly appreciated."Corrupted executables" are generally not dangerous, what it's saying is that the checksum or signature of that file didn't match what the file was supposed to be. This can be CAUSED by lots of things such as file system damage, pausing/canceling the download of a file midway through, etc. Unless you have other symptoms of infection, I wouldn't worry about it.Thanks for the input-I appreciate it.

Ok, how's your computer running now?Action Center report now is that there are no issues. I will see if "Not Responding" message now occurs with Firefox and report on this issue in a day or so. The "Not Responding" in Excel was probably due to the workbook being very large and the AutoRecovery set for 10 minutes and the slow response due to automatically running a large number of the RAND() functions. I know what to do to improve the Excel response. You could try uninstalling and re-installing FireFox.Super Dave. I have reinstalled Firefox. I will report on what is happening in a couple of days.
I have not run the Malwarebytes Anti-Malware that you originally listed in the program. Is it necessary to run it now or has that issue been resolved by the subsequent tests?Quote from: denisaf on January 01, 2014, 02:07:31 PM

Super Dave. I have reinstalled Firefox. I will report on what is happening in a couple of days.
I have not run the Malwarebytes Anti-Malware that you originally listed in the program. Is it necessary to run it now or has that issue been resolved by the subsequent tests?

This is so annoying.
I don't know why, it stopped for a while, then it began now.
I even had a redirection chrome problem, but it stopped and the mouse moving by itself started.

• Download TDSSKiller and save it to your Desktop.
  
• Extract its contents to your desktop.
• Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  
  
  
  
• If an infected file is detected, the default action will be Cure, click on Continue.
  
  
  
  
• If a suspicious file is detected, the default action will be Skip, click on Continue.
  
  
  
  
• It may ASK you to reboot the computer to complete the process. Click on Reboot Now.
  
  
  
  
• Click the Report button and copy/paste the contents of it into your next reply
  

Do you know any other effective malware/trojan removals?

Thank you Dave for all your help,
Quote

At this point, since I don't know what you have done with the computer,

I would advise you to save your important data to disks and re-format and re-install your OS

I dont know any specification Please run RogueKiller again and delete those items.

Quote

I dont know any specification

• Click on to download the ESET Smart Installer. Save it to your desktop.
  
• Double click on the icon on your desktop.
  

• Leave the check mark next to Remove found threats.
  

Quote

Obviously the malicious IPs are still trying to gain access. What do you suggest I do? And is MBAM blocking the IPs the reason for my Comodo Firewall not notifying me?

SUPERAntiSpyware was different to how you described it in your instructions.

Once on the home screen, I checked the "Manage Quarantine" section, where the following were listed. I assume I should just check all 4 and delete?

Do you know of any reason why this is the case?

Have you noticed any activity from MBAM?

Does this mean these files were added to my computer in the 2 hours between doing the two scans? 2 of the newly found files were labelled "imrworldwide.com" - is this particularly malicious? I

In the meantime, are there any further checks I should be carrying out?

I run daily anti-virus and MBAM scans. Out of all the various different scans I've done since first starting this thread, which (if any) do you recommend I do at least once a day?

Why do they keep coming back, and how can I stop this happening?

What browser are you using?

I use Google Chrome and Firefox. I'd use Firefox for everything, but I prefer Chrome's layout + some sites run slowly on Firefox, but fine on Chrome.

Is the issue using Google Chrome?

Yes, it could be a security issue with Chrome. Check the options to raise the security level.

I've set it to block any websites from setting data/cookies. Do you think this should the tracking cookies from being added?

Okay, thanks very much Dave. I've done the clean up as instructed above. I really appreciate all the help you've given me.

Thank you for helping. I am EXPERIENCING the FBI scam virus where they are asking for payment. I have TWO logins on my computer, mine and my wife. Mine is the admin. I tried to log on using SAFE mode with networking in order to download malware removal but when I do Windows keeps shutting down and reverts to normal windows login. I can still access the internet and use the computer normally using my wife's login.Will anti malware uploaded onto my wife's account delete files from the entire C drive or just her account?Your best bet would be to create a NEW account for yourself then delete your old, infected one. Once that's done we can run some scans on the computer to make sure it's clean.I just ran SuperAntiSpyware Free and Malwarebytes Antimalware on this user and neither worked. My home screen has a huge FBI warning and payment request with a black screen in the background. How do I delete my account and create a new one? I cannot get into the admin account in a safe mode.I booted the computer in "Safe Mode with Command Prompt" and created an additional admin account. I logged onto that account in regular mode and installed/ran Malwarebytes. I was prompted to restart to REMOVE Trojans and then logged back into my original account without issue. I then deleted the temporary admin account. problem solved. Thanks for the help.We should run a few more scans just to make sure it's clean, if you don't mind. Infections like usually leave some residue.

Please download Junkware Removal Tool to your desktop.

•Warning! Once the scan is complete JRT will shut down your browser with NO warning.

•Shut down your protection software now to avoid potential conflicts.

•Temporarily disable your Antivirus and any Antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

•Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click JRT and select Run as Administrator

•The tool will open and start scanning your system.

•Please be patient as this can take a while to complete depending on your system's specifications.

•On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

•Copy and Paste the JRT.txt log into your next message.
*****************************************
Please download AdwCleaner by Xplode onto your Desktop.

• Please close all open programs and internet browsers.
• Double click on adwcleaner.exe to run the tool.
  
• Click on Delete.
  
• Confirm each time with OK
  
• Your computer will be rebooted automatically. A text file will open after the restart.
• Please post the content of that logfile in your reply.
• You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.
  

Was downloading Service Pack 3 ISO for XP from Microsoft and got this alert. I am hoping its a false positive and Microsoft is not offering a ISO that came with an infection.

Anyone know if this is a false positive? I am guessing that [susp] means suspicious as in it could be a false positive.

Attached is screenshot showing detection.

Here is the link that I was using from Microsoft http://www.microsoft.com/en-us/download/details.aspx?id=25129

Need to create a SP3 Slipstream, but on hold until i GET a confirmation that its a false positive.

[recovering disk space, attachment deleted by admin]Did they provide a check sum to verify the purity nth file?
It looks like one of the SP3 HP Printer DRIVERS trigger a false positive in Avast 8 (and later?)





Thanks for the response. I'll fetch it from quarantine and burn the iso to use for my slipstream then.Are you sure you downloaded it from MS and not a bogus site.Quote

Are you sure you downloaded it from MS and not a bogus site.

Latest Patch Tuesday Update: December 10, 2013
Last Updated: December 12, 2013

I am curious as to if there will be any updates or not after the install.

Hello,

I have some trouble with my HP Pavilion dv6700. When I try to turn it on, the screen goes all white. I THINK it is a virus, because I've tried connecting it to another screen, but it's still the same thing. I managed to reboot Windows Vista VIA the DOS once, but when I'd been using it for about an hour, the screen WENT all fluffy with red and orange colors, and after a while it just went white.

Is there any way for me to completely erase the harddisk and then maybe install Linux on it (I don't have a windows CD) ?

THANK you in advance
Why do you think it's a virus?It sounds more LIKE a graphics card.

A client brought me his virus-infected laptop, an HP Pavilion dv9627cl. He wants me to backup the Users' files, wipe Vista and install 7, then copy back the Users' files. Is it safe to do the backup to my laptop, from the infected hdd while it is connected as an external, then delete/create/format using diskmgmt.msc? Or is there a better approach? Any suggestions will be greatly APPRECIATED. Thanks. I WOULD suggest backing up his files to DVD-RW's and make sure you scan them with at least two good AV's programs before PUTTING them back on the re-formatted computer.If you slave his HD to your computer, and you have a WORLD class AV program running, (like AVG) you won't be able to OPEN, copy of move any file without it being scanned. If in doubt just right click on the drive and SCAN it. Again I'm talking about a program like AVG where you can tell it to scan a file, a folder or even a drive. That's what I do. I will scan it with Trojan Hunter and Malware Bytes too, while I'm at it. The more the better! Eh?

Then copy the files to a folder on your own drive and then burn them to DVD (s) for archival purposes.
After restoring the files to the new OS, give the DVD to your customer. They will love you for the courtesy.

Cheers Mate
Shadow I would hardly call AVG world class.

Last time SuperDave suggested me to use diagnostics tool MGADiag.ext to check whether my window is genuine? I finished the log and PLEASE advice me whether it is genuine? I think it is Genuine because it has Validation Status: Genuine, is that the way we decide that,

Just an additional question, what are the rest for since we have Validation Status: Genuine, thank you


Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Status: Genuine
Validation Code: 0
Cached Validation Code: N/A
Windows Product Key: *****-*****-FG9T4-48V9V-4GWKY
Windows Product Key Hash: eR8LE1lxRYvCWev9o8QRQeYBBco=
Windows Product ID: 76487-640-9636121-23585
Windows Product ID Type: 1
Windows License Type: Volume
Windows OS version: 5.1.2600.2.00010100.3.0.pro
ID: {6E2DABC6-6A36-4BC2-9369-E21FC4A320E1}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: Registered, 1.9.40.0
Signed By: Microsoft
Product Name: N/A
Architecture: N/A
Build lab: N/A
TTS Error: N/A
Validation Diagnostic: 025D1FF3-230-1
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A
Version: N/A

Windows XP Notifications Data-->
Cached Result: 0
File Exists: Yes
Version: 1.9.40.0
WgaTray.exe Signed By: Microsoft
WgaLogon.dll Signed By: Microsoft

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 114 Blocked VLK 2
Microsoft Office PROFESSIONAL Edition 2003 - 114 Blocked VLK 2
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-230-1

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Documents and Settings\noname\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: {6E2DABC6-6A36-4BC2-9369-E21FC4A320E1}1.9.0027.05.1.2600.2.00010100.3.0.prox32*****-*****-*****-*****-4GWKY76487-640-9636121-235851S-1-5-21-1202660629-329068152-1177238915Samsung ElectronicsSX20SPhoenix Technologies LTD08ZE20050623000000.000000+000C6F03107018400E204090409AUS Eastern Standard Time(GMT+10:00)03114114Microsoft Office Professional Edition 20031159D1605114E3500vfZmaSmFPIYrLWTcZSZErUQg+Fo=73931-640-0000106-5788514

Licensing Data-->
N/A

Windows ACTIVATION Technologies-->
N/A

HWID Data-->
N/A

OEM Activation 1.0 Data-->
BIOS string matches: yes
Marker string from BIOS: 1E710:Samsung Electronics CO., LTD
Marker string from OEMBIOS.DAT: N/A, hr = 0x80004005

OEM Activation 2.0 Data-->
N/A
Has your copy of Windows ever been validated?What do you mean "last time"? How MANY times do you need to check if you Windows is genuine?@SuperDave: In fact I am not sure, because the system I have got was from my brother Ghost file

@Allan: sorry, last time, I asked another question but suddenly, you guys mentioned window genuine, but my previous post was closed by my tutor due to training purpose, so I start one here

Thank you guysIt would APPEAR that it was not validated. Please read here how to validate it.Quote from: SuperDave on October 02, 2012, 01:18:21 PM

It would appear that it was not validated. Please read here how to validate it.

but what if the validation is not sucessful, then can i still use that.

at the moment, i am using Eset + microsoft security essential, do they crash together? thanks

Well, it's been a difficult time TRYING to get the computer to recognise a disc or a USB stick. After worrying myself sick about losing all my huge collection of PHOTOS and digital art if it crashed totally, I ended up having a guy do a home visit. He took out the Hard Drive and we copied as much info as we could onto my laptop. It was also scanned and we hoped, fixed errors on the disc. Then we put it back in and tried to get it running and the problem was still there. That disc was not recognised, or it was locked, and so on, we just couldn't repair it.

This 'sometimes' beautiful Dell is only six MONTHS old and needed a new motherboard almost from day 1 because it wouldn't boot, the CD drive mechanism replaced a couple of months later, it wouldn't (and still doesn't) turn on on first press on the switch, but will on the second, and now there seems to be a connection issue from the hard drive that has caused the current problem.

We just about gave up and had one last try with my OS disc, and after 10 MINUTES, it recognised it and went on to install...... but didn't do a full one (?). I didn't need to put the drivers in and my desktop image from before came up! Weird!

Goodness knows what the hours my man spent will cost me. He is writing all the details on his invoice, and his opinion that my Dell is a 'lemon' and should be replaced. I will be writing to Dell and asking for a replacement.

Thank you for your assistance, I tell evreyone how great this forum is.

You're welcome. I will lock this thread. If you need it re-opened, PLEASE send me a pm.

Quote

I am mostly concerned now about possible infection of the laptop VIA the backup and also the use of a USB flash drive in the previous clean up steps, as well as our home NETWORK.

I ran the quick scan and it found no infections. I originally started the full scan but at 28 minutes it was barely a quarter finished so I quit and did the quickie instead which took about the 20 minutes that you had estimated. Thank you. What next?

So TODAY I did a quick SCAN with malware bytes and was looking for malware slowing down my PC.
So I Scanned 60,000+ Items And Left it for 15 Min it pulled up malware but I NEED to be sure it is safe to delete Log is Below

FILES THAT WERE CONDEMNED AS MALWARE:
===================================
Reg Keys:
HKCR\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007} (PUP.Optional.DefaultTab.A)
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CF190686-9E72-403C-B99D-682ABDB63C5B} (PUP.Optional.TopArcadeHits.A)
HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} (PUP.Optional.OptimzerPro.A)
===================================

DLL Files:
C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll (PUP.Optional.Conduit)



Code: [Select]Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.01.01

Windows 7 Service Pack 1 x64 NTFS
rac :: RAC-HP [administrator]

1/1/2014 12:34:50 AM
MBAM-log-2014-01-01 (00-50-14).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 57113
Time elapsed: 15 minute(s), 4 second(s) [aborted]

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 3
HKCR\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007} (PUP.Optional.DefaultTab.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CF190686-9E72-403C-B99D-682ABDB63C5B} (PUP.Optional.TopArcadeHits.A) -> No action taken.
HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} (PUP.Optional.OptimzerPro.A) -> No action taken.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll (PUP.Optional.Conduit) -> No action taken.

(end)
ARE THESE FILES BAD CAN I DELETE THEM? YES

Greetings CH!

Last week i downloaded some sort of Virus that has terrorized my system. Ill boot into windows 7 Ultimate and i get all my login applications showing ".... has stopped working" and every program i try and open is the same thing. ON the windows XP partition i open an application and get "...has encountered a problem"

So i don't care much for trying to get RID of the Virus. Im going to do a clean install as it needed one anyways.
What im concerned about is the files and folder that i have on the drive.
I have a Sata To usb kit i wanna use to transfer all the stuff i need to my macbook and then back to my restored PC. However i want to be sure that the virus hasn't infected any of those files. What piece of software would work for me? I have another PC laptop i can use it on if the whole mac/Pc software is an issue.

Just wanna scan my stuff (preferably free) to make sure no virus is in it.
Let me know thanksYour best bet would be to save you important data to DVD-RW's which can be reused afterwards and scan them with two good Anti-Virus programs before putting them back on the re-formatted computer. Ok but which program can i use super dave? I have no anti virus and therefore i dunno which one to use to check the files hence the point of this thread. Quote

Ok but which program can i use super dave? I have no anti virus

Hello ,

I just downloaded the MULTI COMMANDER file explorer from home PAGE and avast just warned me that this file is dangerous and is present on a few other computers in world and it recommends me to abort the DOWNLOAD and remove the file .

This thing looked to me like a bad joke ), i believe that avast is wrong here and i should continue the installation, but STILL i thought that is better to discuss this, anyone else had this problem ?

Thanks !

Check this site to learn more about that program.

I ENDED up with some virus/malware file(s) that Microsoft security caught, and an AVG warning came up to offer to fix before continuing. But it wasn't my free version, it wanted $59.99 for 30 days, 79.99 for 6 months and 99.99 for the year. I wasn't able to do much and the warnings kept coming up. I ran my Anti malware program and it wasn't able to remove EVERY threat. I tried to install a different free antivirus program (avira, I think it was). The warning popped up every click, finally when the avira page was loading, it would redirect me to facebook. I tried this multiple times, it was weird, I never had something lik ethat. I was like held hostage by AVG, I was almost about ready to pay, but didn't want to give out credit card info. I decided to go to my laptop and look ONLINE on how to fix. One post had said it wasn't a virus but some sort of malware and just to do a system restore and it should go away. And it did, for now. So my question is, is the free AVG antivirus enough? Should I do away with AVG completely and use someone else. I had a paid subscription to PC tools antivirus and tools, but it EXPIRED and I didn't renew since they are retiring in December. I run the Antimalware program and CC cleaner also. Hope this makes sense. Thanks I would try using Malwarebytes to remove your issue. Thats just where I start.

Now next to my opinion, because trust me every one has one when it comes to anti-virus.

I am an avid AVG user. I manage over 200 PC and have it on every one of them, but I pay for it, business edition. I would not put a free version of anything on a PC I support or my personal ones. You get more for the paid versions. Now with that said, AVG might not be for you. I would look at all the power players in the antivirus game; McAfee, Symantec, Kypersky, and AVG. When you ask someone what their favorite it is, they will tell you and tell you why the others suck, but for every person who THINKS Symantec sucks is an avid symantec user/lover.

So to sum up:
Research whats best for you.
You get what you pay for.
I prefer AVG.

Hope this helps.I have been cleaning computers for over 5 years and I get as many infected computers that use a commercial (paid for) AV as those that use free versions. I would suggest your download and use MicroSoft Security Essentials. It's easy on resources and very effective.

MicroSoft Security Essentials All versions and all languages.

Here's a comparative list of all AV's. Quote from: SuperDave on November 13, 2013, 01:12:23 PM

Here's a comparative list of all AV's.

Hi

I found a letter on my copy and PASTE that I did not write and my husband said he did not write it.
My husband is telling me someone hacked into our computer and put on our copy and paste.
Is this even possible or total BS?
Thanks.
Quest
You're going to have to explain what your "copy paste" is.It's possible she's referring to the clipboard. I've never heard of such a thing as hacking to get into the clipboard.Hi,
Writing something in notepad or word and copying it into an email.
Can that be hacked into?While THEORETICALLY it is possible for a virus on your computer to put stuff in your clipboard (copy and paste), there is no reason why this would ever be done - People will only write viruses if there is some sort of gain to the creator, this is not the case with this.

I have also never heard of any virus that could cause this.Quote

Writing something in notepad or word and copying it into an email.
Can that be hacked into?

My wife complained that her computer was running slow yesterday, and I saw that at idle the dual-core CPU showed that it was running around 50-60% on both cores.

I WENT to task manager and looked at Processes and sorted the CPU column so that the most active processes show at the top, but there was only 3 processes that showed like 05%, 03%, and 02% and rest of them 00%. And that adds up to just 10%, so what is going on to make the CPU run both of its cores at 50-60% and making the system slightly slower than normal.

Hard Drive Activity LED was only showing an occasional flicker.

Microsoft Security Essentials I ran a Full Scan as well as Malwarebytes ran a full scan and they both came up clean.

* I am about to wipe the hard drive and install a clean Windows 7 build to it since its been running for almost 2 years without rebuild and PROGRAMS have been installed and removed through this time and its probably time to clean it up... but what really gets me is why the CPU a Core 2 Duo E6600 2.4Ghz is running at 50-60% when it use to idle between 10-20%

Her system also takes automatic microsoft updates and runs 24/7 most of the time because she is too lazy to shut it down and turn it back on like I do to my system. She thinks that the system started running slower since Tuesday. *Tuesday also just happens to be Patch Tuesday for this month. So not SURE if its related or not. I am just stumped as to how a process or processes can hide and use CPU and cant find the culrpit in Task Manager to target the problem directly. Also I am not sure if I am dealing with a malware or something else, so I figured I'd ask here for suggestions to find the processes that are making the CPU busy. Is there a better tool than task manager for windows to see all processes including what I believe is a hidden process that is running causing the CPU activity?
Here are her system specs:

Core 2 Duo E6600 (2.4Ghz)
2GB DDR2 667Mhz
160GB IDE HDD ( OS + Software + Personal Data )
40 GB SSD SATA II ( Games Only )
Windows 7 Home Premium 32-bit

**If I rebuild her system I am going to make the SSD the boot drive with Windows 7 on it and I have an 80GB SATA II drive that I can upgrade her away from the slower IDE HDD that is limited to ATA100. Also at some point I should probably upgrade her to 3GB RAM although when she games she still has 25% free memory at the 2GB ( @500MB free RAM ).Restarting the computer is sometimes the best thing you can do the computer. Is it slow in Safe Mode.Quote from: DaveLembke on November 14, 2013, 04:23:29 PM

I went to task manager and looked at Processes and sorted the CPU column so that the most active processes show at the top, but there was only 3 processes that showed like 05%, 03%, and 02% and rest of them 00%. And that adds up to just 10%, so what is going on to make the CPU run both of its cores at 50-60%

Hey

Yeah Spoolsv.exe is a service that Uses a lot of cache even when its not required.

Here is a fix for that :->

1 - Go to Start, Settings and click Control Panel
2 - In the Control Panel window, first double-click on Administrative Tools and then on Services.
3 - In the right pane of the Services window locate and right-click on Print Spooler and then select Stop.
4 - After you have stopped this process, leave the Service window open. Now open My Computer and navigate to the following folder.
c:\windows\system32\spool\PRINTERS - in Windows Vista, XP, 98/95/ME
or
c:\winnt\system32\spool\PRINTERS - in Windows NT\2000
5 - Delete all the files in the Printers folder. After deleting the files in this folder, go back to Services window, right-click on Print Spooler, and then select start to re-enable the service.

spoolsv.exe process is running all the time and wasting 50% CPU's power (one of two cores).
I've found that spoolsv.exe is accorded to printing. When this process is killed or service "Printing cache/buffor" is stopped, printing is impossible. I tried to switch automatic initialization to manual (in services.msc), but this process doesn't start even I ask any application to print.
spoolsv.exe takes all power of one core from mu CPU (core 2 duo). I've got Windows 7 Professional x86 Polish. I attached some screenshoots that could be helpful. Sorry for my poor english.

SYMPTOMS
After all print jobs are completed, you have several SPL, SHD, and TMP files left over in the C:\Winnt\System32\Spool\Printers directory.

WORKAROUND
You can safely delete leftover files that have an .spl, .shd, or .tmp extension from the C:\Winnt\System32\Spool\Printers directory. These files should have been automatically deleted when the print job was printed.

Quote

Still having some crazy ad issues (like random text words being linked to ads when I run the mouse over them)

What should I do next?

• Download TDSSKiller and save it to your Desktop.
  
• Extract its contents to your desktop.
• Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  
  
• If an infected file is detected, the default action will be Cure, click on Continue.
  
  
• If a suspicious file is detected, the default action will be Skip, click on Continue.
  
  
• It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  
  
• Click the Report button and copy/paste the contents of it into your next reply
  

Whenever I suspect that my flash drive has been infected what I GENERALLY do is, boot my system in Ubuntu, plug the flash drive, look out for suspicious files and delete them. This route has been fail safe for me. If there is a .exe file I open them using gedit and if I feel that it looks weird I delete it right away.
However, a friend recently reported that he encountered a problem in this method. His drive was infected. All the folders present in the drive disappeared and was replaced with a single file that cannot be opened. He tried opening it in Unix but couldn't. (!!) The same situation persisted. A single file that an't be opened. He's not sure of the file type. But can this really happen? I believe .exe , .inf , .bat files are incapable of RUNNING on ubuntu. Clarification required.

OS Info : Windows7/ubuntu 12.04 DUAL bootHe approached a data recovery center. They were unable to recover the data either. Only images were retrieved. (the drive contained docs and ppts.. the images were actually a part of the docs) They have formatted the drive and have written the recovered data on top of it. My question : is it possible to retrieve the original docs and ppts now?Here is a link where you download some safe recovery tools.Thank you superdave. But your post doesn't answer my question. Stellar Phoenix, recuva and various other softwares were tried to recover the data but to no avail.

My questions :
1. can you NAME some companies/organisations who can restore the data professionally? (I'm looking for ones like Kroll Ontrack)
2. The infected pendrive has been formatted and filled with the PARTIALLY recovered data (only images). Is it still possible to try and recover the original data(docs and ppts)?
3. What could be the possible reasons for the partial recovery?
4. Are there malware that can work on both Windows AND Ubuntu?

PS sorry for my late reply. Was caught up in several stuff. Quote

can you name some companies/organisations who can restore the data professionally? (I'm looking for ones like Kroll Ontrack)

The infected pendrive has been formatted and filled with the PARTIALLY recovered data (only images). Is it still possible to try and recover the original data(docs and ppts)?

What could be the possible reasons for the partial recovery?

Are there malware that can work on both Windows AND Ubuntu?

2. I've heard of 'data restoration' wherein people try to recover data from burnt/damaged hard disks. And that, eventhough a disk has been reformatted, it is still possible to recover the data. Is it applicable only to hard disks and not flash drives?

Is my method of using ubuntu to delete suspicious looking files from my affected flash drive, potentially dangerous?

here ya go. thanks.

ComboFix 13-12-08.01 - papa 12/08/2013 21:58:35.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.12270.9971 [GMT -8:00]
Running from: c:\users\papa\Desktop\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\PCDr\6361\AddOnDownloaded\02d6010d-b288-4157-bbcc-a3d510d3fba5.dll
c:\programdata\PCDr\6361\AddOnDownloaded\143c46ba-b979-4e38-9815-2373de9333aa.dll
c:\programdata\PCDr\6361\AddOnDownloaded\409161a3-28c9-4482-9613-e7ca2e306fef.dll
c:\programdata\PCDr\6361\AddOnDownloaded\4c09e0ec-d531-4d04-a038-3dd30a795474.dll
c:\programdata\PCDr\6361\AddOnDownloaded\61c13bfc-28f4-44bc-beec-efa429fa40f0.dll
c:\programdata\PCDr\6361\AddOnDownloaded\6edf11af-92e6-490d-af58-febeeb0cdb04.dll
c:\programdata\PCDr\6361\AddOnDownloaded\9e7391aa-d9c2-4547-bdb7-737a833083a2.dll
c:\programdata\PCDr\6361\AddOnDownloaded\9ed1246c-39a1-403b-9134-f313ebd75cb8.dll
c:\programdata\PCDr\6361\AddOnDownloaded\b347630c-35c1-4199-a3e2-2eea8f11e228.dll
c:\programdata\PCDr\6361\AddOnDownloaded\c6ca3141-c4ef-404d-b1c2-840d38395e80.dll
c:\programdata\PCDr\6361\AddOnDownloaded\f586fa98-17b8-498c-9c59-24de5750efab.dll
c:\programdata\PCDr\6361\AddOnDownloaded\f63e05a5-1f40-4c42-b80a-d0995b6e38a7.dll
c:\programdata\SPLCEB.tmp
c:\programdata\SPLDBFC.tmp
c:\programdata\SPLEC41.tmp
c:\programdata\SPLF476.tmp
c:\programdata\SPLF695.tmp
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Files Created from 2013-11-09 to 2013-12-09 )))))))))))))))))))))))))))))))
.
.
2013-12-09 06:03 . 2013-12-09 06:03--------d-----w-c:\users\Default\AppData\Local\temp
2013-12-06 03:13 . 2013-12-06 03:15--------d-----w-c:\users\papa\AppData\Local\ElevatedDiagnostics
2013-12-04 07:55 . 2013-12-04 07:55--------d-----w-c:\program files (x86)\ESET
2013-12-03 20:17 . 2013-12-03 20:3091352----a-w-c:\windows\system32\drivers\mbamchameleon.sys
2013-12-03 01:59 . 2013-12-03 01:59--------d-----w-c:\windows\ERUNT
2013-12-03 01:48 . 2013-12-07 01:37--------d-----w-C:\AdwCleaner
2013-12-02 20:52 . 2013-12-02 20:52--------d-----w-c:\users\papa\AppData\Roaming\Malwarebytes
2013-12-02 20:51 . 2013-12-02 20:51--------d-----w-c:\programdata\Malwarebytes
2013-12-02 20:51 . 2013-12-02 20:51--------d-----w-c:\program files (x86)\Malwarebytes' Anti-Malware
2013-12-02 20:51 . 2013-04-04 22:5025928----a-w-c:\windows\system32\drivers\mbam.sys
2013-12-02 20:51 . 2013-12-02 20:51--------d-----w-c:\users\papa\AppData\Local\Programs
2013-12-02 15:13 . 2013-12-02 15:13--------d-----w-c:\program files\CCleaner
2013-11-27 21:23 . 2013-11-27 21:23--------d-----w-c:\program files (x86)\Oberon Media SIDR
2013-11-27 21:22 . 2013-11-27 21:23--------d-----w-c:\program files (x86)\msn_en
2013-11-26 11:03 . 2013-10-15 02:0028368----a-w-c:\windows\system32\IEUDINIT.EXE
2013-11-14 11:01 . 2013-11-14 11:03--------d-----w-C:\a052c3cea54cb0cea1
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-26 18:16 . 2012-04-22 14:37692616----a-w-c:\windows\SysWow64\FlashPlayerApp.exe
2013-11-26 18:16 . 2011-12-02 18:0471048----a-w-c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-14 11:01 . 2012-01-25 22:1082896128----a-w-c:\windows\system32\MRT.exe
2013-11-05 00:51 . 2011-03-13 17:2070112----a-w-c:\windows\system32\drivers\cfwids.sys
2013-11-05 00:46 . 2011-03-13 17:20343696----a-w-c:\windows\system32\drivers\mfewfpk.sys
2013-11-05 00:46 . 2011-12-02 18:33182752----a-w-c:\windows\system32\mfevtps.exe
2013-11-05 00:43 . 2011-03-13 17:20782360----a-w-c:\windows\system32\drivers\mfehidk.sys
2013-11-05 00:41 . 2011-03-13 17:20519576----a-w-c:\windows\system32\drivers\mfefirek.sys
2013-11-05 00:40 . 2011-03-13 17:20311120----a-w-c:\windows\system32\drivers\mfeavfk.sys
2013-11-05 00:39 . 2011-03-13 17:20179792----a-w-c:\windows\system32\drivers\mfeapfk.sys
2013-10-08 14:50 . 2013-10-20 17:3296168----a-w-c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-09-30 23:50 . 2013-09-30 23:501121538----a-w-c:\programdata\SPLAA09.tmp
2013-09-27 22:48 . 2011-12-02 18:22499712----a-w-c:\windows\SysWow64\msvcp71.dll
2013-09-23 20:49 . 2013-10-16 22:26197704----a-w-c:\windows\system32\drivers\HipShieldK.sys
2013-09-20 16:38 . 2013-09-20 16:3810856----a-w-c:\windows\system32\drivers\mfeclnrk.sys
2013-09-20 16:38 . 2013-09-20 16:3895984----a-w-c:\windows\system32\drivers\mfencrk.sys
2013-09-20 16:37 . 2013-09-20 16:37390552----a-w-c:\windows\system32\drivers\mfencbdc.sys
2013-01-17 03:27 . 2013-01-17 03:27464----a-w-c:\program files (x86)\0116201319273618.bat
2012-11-18 19:15 . 2012-11-18 19:15465----a-w-c:\program files (x86)\1118201211152934.bat
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{5e7c3693-318c-4f0f-9ff2-db485880944c}]
2013-11-08 15:53115840----a-w-c:\program files (x86)\msn_en\encyclopediabritannicagamesbarX.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{5e7c3693-318c-4f0f-9ff2-db485880944c}"= "c:\program files (x86)\msn_en\encyclopediabritannicagamesbarX.dll" [2013-11-08 115840]
.
[HKEY_CLASSES_ROOT\clsid\{5e7c3693-318c-4f0f-9ff2-db485880944c}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-14 283160]
"ShwiconXP9106"="c:\program files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe" [2010-03-10 237568]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" [2009-12-01 963584]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"RemoteControl9"="c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2010-10-01 87336]
"PDVD9LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD9\Language\Language.exe" [2010-09-18 50472]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared Files\brs.exe" [2011-08-12 75048]
"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-26 1117528]
"RoxWatchTray"="c:\program files (x86)\Common Files\ROXIO Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-09-24 537512]
"NeroLauncher"="c:\program files (x86)\Nero\SyncUP\NeroLauncher.exe" [2012-08-21 67496]
"Dell V715w"="c:\program files (x86)\Dell V715w\fm3032.exe" [2011-01-24 316072]
"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2012-02-01 968048]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\Update\realsched.exe" [2013-09-27 295512]
"mcpltui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-09-24 537512]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-09-05 958576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.exe

comboxfix and needed to restart my system and since I ran combofix I get a window popping up which says you are about to leave a secure internet connection, it will be possible for others to view info you send. I didn't have this before, am I doing something wrong?

i may go to microsfot and see if they have any ideas,

• Click the Start button. Click Run. For Vista: type in Run in the Start search, and click on Run in the results pane.
  
• In the field, type in ComboFix /uninstall
  

• Then, press Enter, or click OK.
  
• This will uninstall ComboFix, delete its folders and files, hides System files and folders, and resets System Restore.
  

Does anybody know what is going on if anything with Youtube popping up a screen REQUESTING the user update to the latest version of ADOBE Flash Player? This has happened to me two or three times in the past. As I remember it I have to back up the computer to an earlier DATE. That's what happened just two days ago when the youtube problem occured but now it's back. I can't watch any videos on Youtube with the exception that sometimes the video is there but there's no sound and no volume slider showing. This latest occured right after I tried to install Bit Torrent. That installation failed and then the computer nearly froze up or extreemly slowed and lost the internet connection. I restored it to an earlier date which cured the slowness but then the youtube thing was back. Also I can't download the Flash Player from Adobe. That just hangs up in mid download. I think maybe Malwarebytes or other is blocking it so I'll try again. And clicking on the request to update from the Youtube screen just runs you in circles and you get nowhere. I got it! You need to disable Active X by going, in Explorer 9 anyway to the CONTROL icon in the upper right corner -little gear- hover over safety and in the menu you will see Active X. Uncheck this. I STILL haven't tried to download Flash Player but now I can watch Youtubes.

Hi, I am interested to find out what programs are available to prevent pop-unders appearing when using either Internet Explorer 10 or Firefox v21 with Windows 7. I have had a look at some of the free pop-up ad removers but there is little or no information refering to pop-unders. I don't mind admitting to having the occasional foray into adult websites, but I GET fed up with finding sites like "Live Jasmin" and others sitting on the desktop when I close Firefox, for example. Can anyone give me any advice on this ?
Regards, parkman.Those are not pop-ups; they are sites that open up automatically. I don't know of any program that will stop them. Just make sure your pop-up blocker is enabled in each of your browser.Hi, thanks to Superdave for the response. I don't know a lot about these pop-up or pop-unders, so I assumed that a page that opened behind the current browser page was a pop-under.
As SUGGESTED by Superdave it LOOKS like I will just have to put up with them.
Thanks very much,
regards, parkman•Make your Internet Explorer more secure - This can be done by following these simple instructions:

•From within Internet Explorer click on the Tools menu and then click on Options.

•Click once on the Security tab

•Click once on the Internet ICON so it becomes highlighted.

•Click once on the Custom Level button.

•Change the Download signed ActiveX controls to Prompt

•Change the Download unsigned ActiveX controls to Disable

•Change the INITIALIZE and script ActiveX controls not marked as safe to Disable

•Change the Installation of desktop items to Prompt

•Change the Launching programs and files in an IFRAME to Prompt

•Change the Navigate sub-frames across different domains to Prompt

•When all these settings have been made, click on the OK button

•If it prompts you as to whether or not you want to save the settings, press the Yes button.

•Next press the Apply button and then the OK to exit the Internet Properties page.
Hi, thanks Superdave, for the IE settings, I will put those into Explorer.
Best regards, parkmanQuote from: parkman on June 18, 2013, 03:49:00 AM

Hi, thanks Superdave, for the IE settings, I will put those into Explorer.
Best regards, parkman

Hi -
I have Windows 7 64 bit. When I run Malwarebytes Antimalware (free edition) everything looks OK. It finds 29 items detected and which I have it delete. However if I run it again the same items COMES up. How can the same items come up if they have been removed previously? I have even shut down my computer between runs just in case that made any DIFFERENCE. It does not. All of the repeat items are PUP items.
Any help will be appreciated. Bob We need to know what the items are. MBAM will identify some perfectly safe registry entries and files as malware, delete them, and they will be recreated on the next boot.Allan -
You may mark this post as completed. This morning I contacted Malwarebytes and found out I was not following the correct procedure. After running the SCAN and getting a list a person must CHECK which (are all) of the items that are to be removed. My fault.
Thanks for your time. Bob

System info: Desktop: Dell, XPS 630, Running Windows 7; 16GB RAM; Office 365; Photoshop CS6;
Laptop: Dell, Inspiron, 17R – OS: Windows 8; 8GB RAM; Office 365

Hi All – I have an odd issue with AVG that has created a nightmarish issue on my systems. On the ADVICE of several folks here and on other sites, as well as a tech savvy friend, I loaded the trial version of AVG security. As soon as the system rebooted, the system became very unstable. Screen freezes, very slow performance, very slow Internet responses and multiple crashes. Believing that something had occurred during the installation, I decided to uninstall and reinstall the software. This is where the nightmare began. It is impossible to remove this program from either system! I followed the instructions on the AVG site and used Windows uninstall utility and then used the AVG command PROMPT utility to remove the program. As soon as I rebooted, there was AVG again. At this point, I contacted AVG and a tech tried to walk me through another method to remove the program. I downloaded, installed and then used a second command prompt utility that the tech told me to use. During the process of the uninstall, I was disconnected from this tech. (I was informed that this would occur and told to reconnect and let him know if the fix worked.) When the system rebooted, it was immediately apparent that AVG had not uninstalled. I reconnected to AVG tech support; however, this time the tech seemed unfamiliar with my case (I had a case #) and equally unfamiliar with the program. She suggested using the uninstall tools I had already used previously – multiple times – without success. I explained this and the tech became quite rude and, after I asked if she could pull up my case so that we didn't have to repeat the same things again, she terminated our connection.

I am now working with two computers that are held hostage to AVG. Because AVG remains in shell form only, I have no active anti-virus/security program on either computer. I cannot load another program because…of AVG. I’ve tried restoring both systems to previous good points, but this has not helped remove AVG. After two phone calls and numerous e-mails, I have yet to receive help from AVG – other than being told to once again use the utilities that have not worked. (I have tried several more times) I know that many folks here are extremely knowledgeable and I am desperately hoping someone can help me get this blasted thing off my systems. Thank you for any help!
Use this tool to remove AVG.

AVG Antivirus - AVG Antivirus Remover utility

Download and install MicroSoft Security Essentials. Make sure to install the correct one for your computers ie 32 bit or 64 bit.

MicroSoft Security Essentials All versions and all languages.Hi - I apologize for posting my question and then disappearing without ever answering to your response. A family emergency took me away for ten days and I just read the response. The AVG removal tool is what I have already used, several times and for some reason it has not worked. In several of my contacts with AVG they have supplied both the tool you mention and a second command prompt tool. Neither of these tools has worked to remove the entire program. I'm very frustrated not just because nothing has worked, but because the people at AVG have been so useless in helping resolve the issue. I had heard so many great things about the company and, in particular, this software. They are highly rated by many tech sites, but obviously, ratings aren't ALWAYS honest. Now that I'm back to WORK, I'm probably just going to reformat the drive, thus removing everything, including this POS software. Thank you for your efforts.You're welcome. I will lock this thread. If you need it re-opened, please send me a pm.

Yesterday on my computer I had installed LinuxLive USB Creator (Lili) to make my USB device bootable. Yet before installation of this program when I click on its setup file the message from ESET Smart Security came on on the screen:
Quote

An application running on this computer is attempting to communicate over encrypted SSL channel. If you want to check the encrypted channel content, mark the certificate as trusted.
Do you consider the remote computer's certificate trusted?

Lately I googled for this one and hadn't found anything. Well, I'm going to uninstall this program and run a deep scan then.

• Please close all open programs and internet browsers.
• Double click on adwcleaner.exe to run the tool.
  
• Click on Delete.
  
• Confirm each time with OK
  
• Your computer will be rebooted automatically. A text file will open after the restart.
• Please post the content of that logfile in your reply.
• You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.
  

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select "Perform Full Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click REMOVE Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
• Please save the log to a location you will remember.
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy and paste the entire report in your next reply.

# AdwCleaner v2.303 - Logfile created 06/28/2013 at 21:03:12
# Updated 08/06/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Mark - MARK-PC
# Boot Mode : Normal
# Running from : C:\Users\Mark\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Deleted : C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\khgb4rwd.default\searchplugins\web-search.xml
Folder Deleted : C:\Program Files (x86)\BringMeSports_1c
Folder Deleted : C:\Program Files (x86)\InfoAtoms
Folder Deleted : C:\Program Files (x86)\Wondershare
Folder Deleted : C:\ProgramData\APN
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\SoftSafe
Folder Deleted : C:\ProgramData\visualbee
Folder Deleted : C:\Users\Mark\AppData\Local\visualbeeexe
Folder Deleted : C:\Users\Mark\AppData\LocalLow\BringMeSports_1c
Folder Deleted : C:\Users\Mark\AppData\LocalLow\visualbee
Folder Deleted : C:\Users\Mark\AppData\Roaming\Babylon

***** [Registry] *****

Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\ExpressFiles
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKLM\Software\ExpressFiles
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16611

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://startsear.ch/?aff=1&cf=2390a736-17c4-11e2-869f-90e6bad66c02 --> hxxp://www.google.com

-\\ Mozilla Firefox v18.0.2 (en-US)

File : C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\khgb4rwd.default\prefs.js

Deleted : user_pref("browser.search.defaultengine", "Web Search");
Deleted : user_pref("browser.search.defaultenginename", "Web Search");
Deleted : user_pref("browser.search.order.1", "Web Search");
Deleted : user_pref("browser.search.selectedEngine", "Web Search");
Deleted : user_pref("browser.startup.homepage", "hxxp://startsear.ch/?aff=1&cf=2390a736-17c4-11e2-869f-90e6bad[...]
Deleted : user_pref("keyword.URL", "hxxp://startsear.ch/?aff=1&src=sp&cf=2390a736-17c4-11e2-869f-90e6bad66c02&[...]

*************************

AdwCleaner[S1].txt - [3128 octets] - [28/06/2013 21:03:12]

########## EOF - C:\AdwCleaner[S1].txt - [3188 octets] ##########

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.06.28.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16618
Mark :: MARK-PC [administrator]

6/28/2013 11:31:55 PM
mbam-log-2013-06-28 (23-31-55).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 348552
Time elapsed: 36 minute(s), 52 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry DATA Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Mark on Sat 06/29/2013 at 0:20:17.58
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\strongvault online backup"
Successfully deleted: [Folder] "C:\Users\Mark\AppData\Roaming\goforfiles"
Successfully deleted: [Folder] "C:\Users\Mark\AppData\Roaming\strongvault"
Successfully deleted: [Folder] "C:\Users\Mark\appdata\local\strongvault"
Successfully deleted: [Folder] "C:\Users\Mark\appdata\local\visualbeeclient"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Successfully deleted: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\[emailprotected]"
Emptied folder: C:\Users\Mark\AppData\Roaming\mozilla\firefox\profiles\khgb4rwd.default\minidumps [175 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 06/29/2013 at 0:22:50.23
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

dave i think i receive another virus, because when i check task manager, i found some process of weird program, pev.3XE,PEV.3XE, and sev.3XE. is this a virus or not? cause i experience another freeze.Quote

i found some process of weird program, pev.3XE,PEV.3XE, and sev.3XE. is this a virus or not? cause i experience another freeze.

it lags so much and my firefox keeps crashing. so should i do scan with MBAM?

The link for BitDefender takes me to what becomes Quickscan which shows no errors. It doesn't produce a report, and there are no tabs on the online display.Quote from: dc4580 on October 09, 2012, 09:16:11 PM

The link for BitDefender takes me to what becomes Quickscan which shows no errors. It doesn't produce a report, and there are no tabs on the online display.

Was my inability to do some of these scans due to anything other than changes to websites that might have recently taken place?

I need to dump McAfee as it couldn't catch a cold much less a virus, so I will need suggestions for software that will handle AV and Firewall. If you would have a recommendation of a suite or mix-and-match, I am all ears.

• CLICK the Start button. Click Run. For Vista: type in Run in the Start search, and click on Run in the results pane.
  
• In the field, type in ComboFix /uninstall
  

• Then, press Enter, or click OK.
  
• This will uninstall ComboFix, delete its folders and files, hides System files and folders, and resets System Restore.
  

Ok, let's do some cleanup.

To uninstall ComboFix

• Click the START button. Click Run. For Vista: type in Run in the Start search, and click on Run in the results pane.
  
• In the FIELD, type in ComboFix /uninstall
  

• Then, press Enter, or click OK.
  
• This will uninstall ComboFix, delete its folders and files, hides System files and folders, and resets System Restore.
  

Thanks, I don't think we used comboFix?!

I performed disk cleanup as you suggested, thanks.

I was looking for anti-virus software options and I came across stuff like Panda and AVG on this site:

http://www.outletpc.com/software---os-antivirus-software.html

I BEGAN to wonder, will anti-virus software that costs me as little as $10 WORK ANY better than something else I can GET for free? What do you think? I'm curious what more well-versed people think.I'd say to look for trusted antivirus vendors. Antivirus freeware is definitely not as effective as a paid antivirus program.

Feel free to get a good review on AV software from my company blog: http://secureconnexion.wordpress.com/2012/06/14/antivirus-software-toplist-top-20-summer-2012/

I HOPE this helps. However, this topic is closed, because the discussion can get long, and we have plenty of posts in this forum asking about what antivirus to use, and whether freeware or paid is better.

We appreciate you stopping by, and hope to see you POSTING more.

I don't think I am infected.. but what can ONE tell me about the following link an email wants me to click ---

link deleted by Allan

What does it do? Here is the header info...

------------------------------------------------------------


Your Email Has Been Re-ported SPAM
From: Member Service <[emailprotected]&GT;
To: Recipients <[emailprotected]>
Date: Sun, Oct 14, 2012 12:08 pm

--------------------------------------------

I don't KNOW how to access more of the header info with web based aol email


Here is the text of the message ---

--------------------------------------------------
Your e-mail account was re-ported to us as Abused e-mail. VERIFY NOW

Can any one give me some insight into this link/message?

Thanks!
Do not POST potentially harmful links.

Ok. Run AdwCleaner and MBAM again and post the logs.

Please download AdwCleaner by Xplode onto your Desktop.

• Please close all open programs and internet browsers.
• Double click on adwcleaner.exe to run the tool.
  
• Click on Delete.
  
• Confirm each time with OK
  
• Your computer will be rebooted automatically. A text file will open after the restart.
• Please post the content of that logfile in your reply.
• You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.
  

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and LAUNCH Malwarebytes Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select "Perform Full Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
• Please save the log to a location you will remember.
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy and paste the entire report in your next reply.

• Download RogueKiller on the desktop
  
• Close all the running programs
• Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
  
• Otherwise just double-click on RogueKiller.exe
  
• Pre-scan will start. Let it finish.
• Click on SCAN button.
  
• A report (RKreport.txt) should open. Post its content in your next reply. (RKreport could also be found on your desktop)
  
• If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again
  

• ) -> FOUND

• ) -> FOUND

• Click on to download the ESET Smart Installer. Save it to your desktop.
  
• Double click on the icon on your desktop.
  

• Leave the check mark next to Remove found threats.
  

• Tick the box next to YES, I accept the Terms of Use
  
• Click Start
  
• When asked, allow the ActiveX control to install, or it will ask to download an installer. Please do so an install it.
• Click Start or wait for the scanner to load.
  
• Make sure that the options Remove found threats and the option Scan unwanted applications are checked.
  
• Click Scan (This scan can take several hours, so please be patient)
  
• Once the scan is completed, there are a couple of things to keep in mind:
• 1. If NO threats were found, allow the scanner to Uninstall on close and then close the Window.
• 2. If threats WERE detected, click on List of Threats Found, Export to Text File...save it as ESET-Scan-Log.txt. Click the back button/link, put a checkmark to Uninstall Application on Close and then close the window.
• Open the logfile from wherever you saved it
• Copy and paste the contents in your next reply.

• Slow computer
• Error messages
• Fake antivirus alerts or the icon in the system tray
• svchost.exe running at 100%
• System crashes or blue screen of death

• Select Start > All PROGRAMS > Accessories > System tools > System Restore.
  
• On the dialogue box that appears select Create a Restore Point
  
• Click NEXT
  
• Enter a name e.g. Clean
• Click CREATE

• Select Start > All Programs > Accessories > System tools > Disk Cleanup.
  
• In the Drop down box that appears select your main drive e.g. C
• Click OK
  
• The System will do some calculation and the display a dialogue box with TABS
  
• Select the More Options Tab.
  
• At the bottom will be a system restore box with a CLEANUP button click this
  
• Accept the Warning and select OK again, the program will close and you are done

• Save it to your Desktop.
  
• Double click OTC.exe.
  
• Click the CleanUp! button.
  
• If you are prompted to REBOOT during the cleanup, select Yes.
  
• The tool will delete itself once it finishes.

• Save it to your Desktop.
• Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Team,

Please help me with this at the earliest...

I need ONLY a batch file to remove the virus from my COMPUTER and How do I make a Batch file to do so?

Need ur help &AMP; suggestions... A batch file will not remove INFECTIONS from your computer especially if you don't KNOW what infections are there. Do you need help CLEANING the computer?

turn off or on smartscreen filter - tools/internet options/advanced/security/ and turn if off Did a search and FOUND sevenforums.com and that's where i got this info Quote from: darcomputer on October 11, 2012, 05:09:18 PM

turn off or on smartscreen filter - tools/internet options/advanced/security/ and turn if off Did a search and found sevenforums.com and that's where i got this info

here we go again, the spam emails are back eg Promote Here, not this exact one but the other ones i've also been getting 5 in email, only one email account, box so far

I have never had to deal with spam, can you help me.

Whenever I start my PC my FIREWALL setting is turned off. I have no trouble turning it back on, but should I worry?MAKE sure the Windows Firewall Service is set to: automatic. If still no joy, look here:

http://technet.microsoft.com/en-us/library/cc749262%28v=ws.10%29.aspxHow do I set it to automatic? Right-click on My COMPUTER and select MANAGE. Click on Services and Applications and select Services. Find a Right-click on Windows Firewall and select Properties. Click on startup type and select Automatic then, select Apply and close the window.Quote from: alexandraxerta on JULY 17, 2013, 10:48:50 AM

How do I set it to automatic?

I have had my laptop for five years now and never had a virus on it. When I purchased it from BEST Buy they installed both Trend Micro and Webroot on it, and I have had both set up for automatic renewal. Last year when they both RENEWED, Trend Micro updated me to Trend Micro with Antispyware. My computer was also acting funky because of it, but I was able to solve it on my own and both have been working fine for the year.

My renewal is coming up next month, should I renew both or will I be okay with just one over the other (Trend Micro over Webroot).

Note, I have never ever had a virus on this laptop and its a Gateway running Vista. I suspect that you may be running too much realtime protection of security programs. Keep in mind that running too much realtime protection can cause more problems rather than prevent them. Also, can cause system crashes, and even false positives.

It is probably best if Trend Micro's protection is running. Unless you have Webroot SecureAnywhere, then go with that.

It seems pretty weird that Best Buy "techies" would do that. Shows you how much they know. Its Webroot Internet Security Essentials and Trend Micro Antivirus plus Antispyware.

+ I also have Malwarebytes that I do run every week in safe mode (free version). I'd say Webroot Internet Security Essentials. Go with that only. Even though its not Anti-virus? The people at Best Buy EXPLAINED it to me as being one is for Spyware only (Webroot) and one is Anti-virus (Trend Micro).

That's incorrect.

Trend Micro Antivirus plus Antispyware is a combined solution.

Webroot Internet Security Essentials involves a group of solutions: antivirus, antispyware, firewall, etc. However, it is now known as Webroot SecureAnywhere: http://www.webroot.com/En_US/consumer-products-secureanywhere-internet-security-plus.html

Chat with an agent of Webroot and see if you are upgrade-eligible for SecureAnywhere at the renewal price.I think I might be, if I can even get a small discount it would be worth to me instead of paying for two products which contradict one another...Indeed. Kudos!If you're going to renew, I'd suggest checking online for discounts and coupons (retailmenot.com often has some good ones). I often suggest to clients that they not pay for antivirus. There's plenty of free antivirus programs out there (AVG, avira, just to name a few) that do the job just fine.There may be free antivirus programs available, but they're not enough!

Premium antivirus software provides the best antivirus protection and safeguards your computer, your identity, and all of your personal information saved on the computer. Some programs provide extra features, such as free online backup, auto-sandbox (which runs your programs in a safe environment to make sure they are not malicious), and social networking protection. Without these core features, you run the risk of having your identity stolen.

What a free antivirus program does not provide is identity protection, which is a critical component in today's malware world!Quote from: DragonMaster Jay on October 18, 2012, 09:46:11 AM

There may be free antivirus programs available, but they're not enough!

Premium antivirus software provides the best antivirus protection and safeguards your computer, your identity, and all of your personal information saved on the computer. Some programs provide extra features, such as free online backup, auto-sandbox (which runs your programs in a safe environment to make sure they are not malicious), and social networking protection. Without these core features, you run the risk of having your identity stolen.

What a free antivirus program does not provide is identity protection, which is a critical component in today's malware world!

You may disagree with this pretty strongly, but look at the evidence (I'll link to my blog so you know that my computer security knowledge is authentic)...

Another Java vulnerability, 30 holes

Many antivirus companies fail to block Java exploit

See the swell of computer security


Most free antivirus products do not include the intrusion detection system that many paid antivirus programs have. Which is bad, because IDS helps to protect files and the Registry from unwanted modification.

The computer security industry is booming big time, because there are millions of computer security workers still needed in order to keep up with the constant vulnerabilities, threat of cyberwar, etc.

My experience with paid antivirus is that I felt more secure knowing that I had an antivirus program that was protecting me. Why do you think Kaspersky software is so popular, even though they DON'T have a free antivirus?

AVG, Avira, Microsoft, Avast, ZoneAlarm, Comodo, and Lavasoft provide a free antivirus as a temporary means, and as a relief for those who cannot currently buy an antivirus product.

When I had Avast! Free, I tried many occasions to download a malware file, and was successful on getting it to my Desktop, but once it got there, the scanner detected it and warned me. HOWEVER, when I got paid Avast Internet Security for reduced price of $20 (thanks to an awesome special), it blocked the malware at the connection. It wouldn't even allow me to TRY to download it. The web shield was lightning fast.

The scanning engine on paid antivirus is so much fast, and less resource intensive, that it made for a beautiful thing.

Further, without a defense-in-depth PC strategy, consumers run extreme risk of having their identity stolen (yes with just a single virus), and the threat is real! Computer security threats and malware are punishable by law now. It's gotten serious. Open your eyes!

Actual statistics show social network security hazards are real and becoming a real problem. That's why Facebook has allied with key antivirus companies, to provide a PAID antivirus solution or internet security solution. The ones offered, except for Microsoft Security Essentials, are PAID versions.

Don't believe me security holes are a problem to users? Take a look at Google grants, which gives away money to find security holes in its products, such as Chrome.

Meanwhile, there are so many security problems in popular browsers, like Firefox, and the users of these browsers need extra protection to protect from the vulnerability of the bugs.

And with many people suffering data loss, it is important to have a security system that helps salvage your important data.

Read more on the difficulty of malware threats in the 2010+ era:
http://secureconnexion.wordpress.com/2012/06/22/running-virtual-analysis-on-malware-is-failing-these-days/
http://secureconnexion.wordpress.com/2012/09/28/fall-malware-threats-2012/
http://secureconnexion.wordpress.com/2012/09/19/zeroaccesssirefef-infects-up-to-9-million-pcs/
http://secureconnexion.wordpress.com/2012/07/27/rakshasa-case-study-really-undetectable/
http://secureconnexion.wordpress.com/2012/06/18/six-arrested-in-japan-for-android-malware/
http://secureconnexion.wordpress.com/2012/06/14/watch-out-this-android-malware-is-top-game/


Please make sure to check out all the appropriate links, before coming back with your rebuttal. And make sure to keep it ethical, or I will close this topic.

And think twice before arguing with a computer security student/professional.

If java has a security hole and Sun or the user fail to update, anti-virus shouldn't protect them from that.

Many people get viruses not because their anti-virus couldn't protect them, but because they continually ignored warnings to upgrade their software including the anti-virus software itself!

I'm not saying viruses and security holes aren't a threat here, they certainly are and user education can prevent a whole lot more than a $10 a month subscription to a service that by design can only prevents threats that are known about and already out in the wild.

Again, agree to disagree none of the links you provided showed that paid anti-virus programs actually block significantly more threats than free ones.