Tom's Guide | Tom's Hardware | Tom's Games | PC Safety Suite
 |
 |
 |
Comment:
Hi there -
We have been running McAfee Security Suite, and a few days ago it had trouble auto-updating. In short, I now realize we are suffering from the following suspicious symptoms:
- we cannot access ANY McAfee-related sites - literally getting errors trying to access www.mcafee.com from both IE7 and Firefox. Cannot update McAfee signature files (cause it won't allow access. Despite the fact that during McAfee support call, we were able to still ping McAfee site, but still can't access anything useful.
- Periodically we are getting web redirects to "adult" websites. These incidents are very intermittent and non-repeatable.
- Cannot update Malwarebytes - says can't access the server - tries to blame firewall but testing with all firewalls off.
I have read similar threads, but I'm sure every case is slightly different. Plus - I see reference to the use of such tools as HiJack This and ComboFix, etc. Looks like folks have had success.
I would like to try, but need some hand-holding - any advice greatly appreciated!
BSN
+1 |   |
Hi,
Can you please post your AVZ log:1) To create the logfile, download AVZ by clicking HERE. Please save this file to your desktop or "My Documents" folder.
2) Next, unpack the file to a new folder using the Compressed (zipped) folders wizard built into Windows XP/Vista, or a zip utility of your choice.
3) Once you have unpacked the contents of the zip archive, please launch the file AVZ.exe by double clicking on it or right clicking and selecting Open.
Note: If you are running Windows vista launch AVZ.exe by right clicking and selecting Run as AdministratorYou should now see the main window of the AVZ utility. Please navigate to File->Custom Scripts. Copy the script below by using the keyboard shortcut CTRL+C or the corresponding option via right click.
begin ExecuteStdScr(3); RebootWindows(true); end.Paste the script into the execution window by using CTRL+V keyboard shortcut, or the "paste" option via the right click menu. Click on Run to run the script, the PC will reboot. After the reboot the LOG subfolder is created in the folder with AVZ, with a file called virusinfo_syscure.zip inside. Upload that file to rapidshare.com and paste the link here.
--------------------------------------------
To Private Message me Click Here
+1 | |
Run this script in AVZ same way as before:
begin SetAVZGuardStatus(True); SearchRootkit(true, true); QuarantineFile('C:\WINDOWS\system32\zupizuma.dll',''); DeleteFile('C:\WINDOWS\system32\zupizuma.dll'); BC_ImportAll; ExecuteSysClean; BC_Activate; RebootWindows(true); end.Your computer will reboot once it reboot try to update your mcafee and report here please don't try to do anything else.
--------------------------------------------
To Private Message me Click Here
+1 | |
I ran the script as you suggested. Unfortunately - I still cannot update McAfee, nor can I access www.mcafee.com
One note: while during the AVZ-initiated reboot, the PC hung up while shutting down - a good 10 minutes or so. I wound up giving it a hard shutdown, then back on...
Will wait for next steps - thanks!
+1 | |
Attach a Combofix log, please review and follow these instructions carefully.
Download it here -> http://download.bleepingcomputer.co...
Before Saving it to Desktop, please rename it to something like 123.exe to stop malware from disabling it.
Now, please make sure no other programs are running, close all other windows and pause Antivirus/Sypware programs (http://www.bleepingcomputer.com/forums/topic114351.html Programs to disable) until after the scanning and removal process has taken place.
Please double click on the file you downloaded. Follow the onscreen prompts to start the scan. Once the scanning process has started please DO NOT click on the Combofix window or attempt to use your computer as this can cause the scanning process to stall. It may take a while to complete scanning and this is normal.
You will be disconnected from the internet and your desktop icons/toolbars will disappear during scanning, do not worry, this is normal and it will be restored after scanning has completed.
Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt, please attach it to your next post.
--------------------------------------------
To Private Message me Click Here
+1 | |
Trouble downloading ComboFix.
Upon clicking on the link you provided, it begins the download process. I choose Save, and rename to 123.exe while saving to Desktop.
It downloads 99% and then I get error box that says:
Cannot copy ComboFix[1]: Access is denied. Make sure the disk is not full or write-protected and that the file is not currently in use.
The disk is not full and as far as I know is not write protected (I can download other things.)
I did not attempt to download as ComboFix.exe as I did not want malware to detect it.
Please advise!
+1 | |
Please redo/new AVZ log follow Response Number 1. After you post new log links follow these steps:
1) Download and run Kaspersky AVP tool:
http://devbuilds.kaspersky-labs.com...
Once you download and start the tool select all the objects/places to be scanned and hit Scan. Fix what it detects and at the end of the scan post screen shot/log of detected items that is fixed and which it could not fix.
--------------------------------------------
To Private Message me Click Here
+1 | |
Okay will do.
btw - more info on download error for combofix.exe:
I tried downloading combofix.exe onto another computer (laptop). Downloaded successfully. Renamed to a file called "123" (no .exe) tried emailing to infected computer, and also tried to manually transfer with a thumbdrive. In all cases, won't allow download or transfer of that file.
As a test, when attempting to transfer, I also transfered another file (a .gif file) - this transfered just fine to the Desktop. Not only did the "123" (aka combofix) file not transfer, but it was wiped from the thumbdrive upon attempt.
I will try as you say.
+1 | |
Please follow Response Number 7. Also if you did full system scan with superantispyware, then please post a log of the scan.
--------------------------------------------
To Private Message me Click Here
+1 | |
I will follow response 7.
Here is Super AntiSpyware log:
SUPERAntiSpyware Scan Log
http://www.superantispyware.comGenerated 05/18/2009 at 10:43 PM
Application Version : 4.26.1002
Core Rules Database Version : 3900
Trace Rules Database Version: 1846Scan type : Complete Scan
Total Scan Time : 01:04:32Memory items scanned : 583
Memory threats detected : 0
Registry items scanned : 9075
Registry threats detected : 1
File items scanned : 31904
File threats detected : 63Adware.Tracking Cookie
C:\Documents and Settings\comp8\Cookies\comp8@208.122.40[3].txt
C:\Documents and Settings\comp8\Cookies\comp8@tacoda[2].txt
C:\Documents and Settings\comp8\Cookies\comp8@statcounter[1].txt
C:\Documents and Settings\comp8\Cookies\comp8@stats.paypal[2].txt
C:\Documents and Settings\comp8\Cookies\comp8@collective-media[1].txt
C:\Documents and Settings\comp8\Cookies\comp8@www.stopzilla[1].txt
C:\Documents and Settings\comp8\Cookies\comp8@adserver.adtechus[2].txt
C:\Documents and Settings\comp8\Cookies\comp8@petfinder[2].txt
C:\Documents and Settings\comp8\Cookies\comp8@bizrate[2].txt
C:\Documents and Settings\comp8\Cookies\comp8@ad.yieldmanager[1].txt
C:\Documents and Settings\comp8\Cookies\comp8@xml.trafficengine[2].txt
C:\Documents and Settings\comp8\Cookies\comp8@realmedia[1].txt
C:\Documents and Settings\comp8\Cookies\comp8@www.deepdiscount[1].txt
C:\Documents and Settings\comp8\Cookies\comp8@iacas.adbureau[1].txt
C:\Documents and Settings\comp8\Cookies\comp8@www.ticketsnow2[1].txt
C:\Documents and Settings\comp8\Cookies\comp8@doorknobdiscountcenter.hubspot[2].txt
C:\Documents and Settings\comp8\Cookies\comp8@revsci[1].txt
C:\Documents and Settings\comp8\Cookies\comp8@server.iad.liveperson[1].txt
C:\Documents and Settings\comp8\Cookies\comp8@richmedia.yahoo[1].txt
C:\Documents and Settings\comp8\Cookies\comp8@zillow.adbureau[1].txt
C:\Documents and Settings\comp8\Cookies\comp8@adbrite[2].txt
C:\Documents and Settings\comp8\Cookies\comp8@server.iad.liveperson[2].txt
C:\Documents and Settings\comp8\Cookies\comp8@adserver.mapmyfitness[2].txt
C:\Documents and Settings\comp8\Cookies\comp8@atwola[1].txt
C:\Documents and Settings\comp8\Cookies\comp8@www.teenhardmovs[2].txt
C:\Documents and Settings\comp8\Cookies\comp8@bridge1.admarketplace[1].txt
C:\Documents and Settings\comp8\Cookies\comp8@e-2dj6wfkyehc5cdq.stats.esomniture[2].txt
C:\Documents and Settings\comp8\Cookies\comp8@208.122.40[1].txt
C:\Documents and Settings\comp8\Cookies\comp8@at.atwola[1].txt
C:\Documents and Settings\comp8\Cookies\comp8@chitika[2].txt
C:\Documents and Settings\comp8\Cookies\comp8@stopzilla[1].txt
C:\Documents and Settings\comp8\Cookies\comp8@e-2dj6wjl4egcpcco.stats.esomniture[2].txt
C:\Documents and Settings\comp8\Cookies\comp8@interclick[1].txt
C:\Documents and Settings\comp8\Cookies\comp8@ads.nba[1].txt
C:\Documents and Settings\comp8\Cookies\comp8@xiti[1].txt
C:\Documents and Settings\comp8\Cookies\comp8@www.burstnet[1].txt
C:\Documents and Settings\comp8\Cookies\comp8@mlspropertyfinder[1].txt
C:\Documents and Settings\comp8\Cookies\comp8@feed.validclick[1].txt
C:\Documents and Settings\comp8\Cookies\comp8@admarketplace[1].txt
C:\Documents and Settings\comp8\Cookies\comp8@burstnet[1].txt
C:\Documents and Settings\comp8\Cookies\comp8@media6degrees[1].txt
C:\Documents and Settings\comp8\Cookies\comp8@track.bestbuy[1].txt
C:\Documents and Settings\comp8\Cookies\comp8@deepdiscount[2].txt
C:\Documents and Settings\comp8\Cookies\comp8@adbureau[1].txt
C:\Documents and Settings\comp8\Cookies\comp8@ads.sun[2].txt
C:\Documents and Settings\comp8\Cookies\comp8@www.doorknobdiscountcenter[1].txt
C:\Documents and Settings\comp8\Cookies\comp8@www.doorknobdiscountcenter[3].txt
C:\Documents and Settings\comp8\Cookies\comp8@ads.escalatemedia[2].txt
C:\Documents and Settings\comp8\Cookies\comp8@caloriecount.about[1].txt
C:\Documents and Settings\comp8\Cookies\comp8@a1.interclick[1].txt
C:\Documents and Settings\comp8\Cookies\comp8@doorknobdiscountcenter[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@doubleclick[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@atdmt[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@at.atwola[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@oasc10.247realmedia[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@tacoda[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@advertising[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@247realmedia[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@technoratimedia[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@oasc09.247realmedia[2].txt
C:\Documents and Settings\Joseph\Cookies\joseph@www.macromedia[1].txt
C:\Documents and Settings\Leah\Cookies\leah@adcentriconline[2].txt
C:\Documents and Settings\Leah\Cookies\leah@partner2profit[1].txtTrojan.Fake-Alert/Trace
HKU\S-1-5-21-2450587244-1577486261-2050807170-1006\SOFTWARE\Microsoft\fias4013
+1 | |
For response 7, Part 1: Redo of Response 1 - AVZ log #2:
http://rapidshare.com/files/2350067...
Part 2 (Kaspersky) coming up...
+1 | |
More problems - now with installing Kaspersky.
Downloaded file okay, but issues installing. See screenshot of error message.
http://rapidshare.com/files/2350084...
Please advise and thanks so much for your help!
+1 | |
Try AVP tool and combofix in safe mode.
--------------------------------------------
To Private Message me Click Here
+1 | |
Try to load minimum amount of drivers in safe mode. It shouldn't matter but try both if one doesn't work. Try both first AVP tool then combofix.
--------------------------------------------
To Private Message me Click Here
+1 | |
I had the exact same symtoms (Mcafee error when updating and not able to go to security sites). I followed this advice and resolved it.
- Go to download.com and get the latest version of malwarebytes. When you install it will give an error (I think it trys to check for updates) but then the scan screen will still come up. I did a complete scan (in my case about 3 hours) and it found about 8 infected files. I accepted option to remove these, had to do a shutoff reboot, and when I got back on... everything was working with Mcafee... I downloaded the mcafee technician software and he ran and found nothing wrong. I tried to contact Mcafee and make them aware of the problem but got some 1st level guy (probably from India) who was more interested in me sending him my comcast subscriber serial number than listening to the details of the problem.
+1 | |
Ran Kaspersky in Safe Mode:
Found 2 items. Could not "disinfect" either, but could "delete" both. (what's the difference?)
Here is Kaspersky log:
Scan
----
Scanned: 1969757
Detected: 2
Untreated: 0
Start time: 5/19/2009 9:41:19 PM
Duration: 10:45:56
Finish time: 5/20/2009 8:27:15 AM
Detected
--------
Status Object
------ ------
deleted: Trojan program Exploit.SWF.Agent.ao File: C:\Documents and Settings\comp8\Local Settings\Temporary Internet Files\Content.IE5\1C2IO6BC\3a[1].swf//Swf2Swc
deleted: Trojan program Trojan-PSW.Win32.Kates.c File: C:\WINDOWS\cpnbeje.ytt
Events
------
Time Name Status Reason
---- ---- ------ ------
Statistics
----------
Object Scanned Detected Untreated Deleted Moved to Quarantine Archives Packed files Password protected Corrupted
------ ------- -------- --------- ------- ------------------- -------- ------------ ------------------ ---------
Settings
--------
Parameter Value
--------- -----
Security Level Recommended
Action Prompt for action when the scan is complete
Run mode Manually
File types Scan all files
Scan only new and changed files No
Scan archives All
Scan embedded OLE objects All
Skip if object is larger than No
Skip if scan takes longer than No
Parse email formats No
Scan password-protected archives No
Enable iChecker technology No
Enable iSwift technology No
Show detected threats on "Detected" tab Yes
Rootkits search Yes
Deep rootkits search No
Use heuristic analyzer Yes
Quarantine
----------
Status Object Size Added
------ ------ ---- -----
Backup
------
Status Object Size
------ ------ ----
+1 | |
Not all virus you can disinfect some of them you will have to delete file. Please fix what kaspersky detected and follow Response Number 5.
--------------------------------------------
To Private Message me Click Here
+1 | |
Okay - now that I have run Kaspersky, trying to run ComboFix in safe mode.
If you recall I had trouble downloading/transfering (with a thumbdrive) combofix.exe (renamed 123.exe) to infected PC. Now trying to transfer with thumbdrive while in Safe Mode (no networking). File transfered to Desktop okay but upon trying to run, it loads ComboFix and then says:
~~~~~~~~~~~~~~~~~~
* ALERT * It is not safe to continue. The contents of the ComboFix package has been compromised. Please download a fresh copy from:http://www.bleepingcomputer.com/com...
NOTE: You may be infected with a file patching virus (Virut)
~~~~~~~~~~~~~~~~~Please advise
+1 | |
Make sure you download combofix again (fresh copy) and try transfering via usb also try safe mode with networking support. If you still get same message let me know.
--------------------------------------------
To Private Message me Click Here
+1 | |
Rebooted into Safe Mode with Networking.
Downloaded Combofix.exe (saved as 321.exe) onto another laptop. Transfered to infected PC via USB thumbdrive.
Same results - transfered okay, but ALERT warning upon running.
+1 | |
1) Boot into normal mode (use normal mode).
2) Follow these steps with AVZ script:
begin SetAVZPMStatus(True); RebootWindows(true); end.Your computer will reboot.
3) After reboot follow. Response Number 1
Your computer will reboot again.
--------------------------------------------
To Private Message me Click Here
+1 | |
Okay - I followed R22.
Here is the last log after rerunning R1:
http://rapidshare.com/files/2352056...
ONE MORE NOTE:
This may be unrelated, but the last 5-7 times (or so) I've rebooted, PC is saying it's found "new hardware" (just says it's "unknown"). Prompts to insert CD which the came with the hardware, etc. I just hit cancel because I have no idea what it thinks it's finding. I don't have any new hardware or new devices hanging off USB, etc...
Anyway - I know one thing at a time, but figured I'd let you know in case it's related.
Thanks -
+1 | |
Yes leave that for now. Do you have anything from Norton installed? If not please use this tool remove Norton left overs because i see some of the norton component still running on the system: http://service1.symantec.com/SUPPOR...
After removal continue with combofix in normal mode if doesn't work then safemode.
--------------------------------------------
To Private Message me Click Here
+1 | |
I ran Norton uninstall.
Attempted ComboFix again - same results. I can download/transfer, but get same message in both normal and Safe modes:
~~~~~~~~~~~~~~~~~~
* ALERT * It is not safe to continue. The contents of the ComboFix package has been compromised. Please download a fresh copy from:http://www.bleepingcomputer.com/com...
NOTE: You may be infected with a file patching virus (Virut)
~~~~~~~~~~~~~~~~~Upon saying "OK" it aborts the program and it would appear it deletes the 123.exe (aka combofix.exe) file as well.
+1 | |
Can you access mcafee sites not or still the same?
--------------------------------------------
To Private Message me Click Here
+1 | |
Run this script in AVZ. Your PC will reboot.
begin ExecuteRepair(1); ExecuteRepair(2); ExecuteRepair(6); ExecuteRepair(10); ExecuteRepair(14); ExecuteRepair(15); RebootWindows(true); end.After reboot check and see if you can access mcafee site. Also do a full scan with http://www.eset.com/onlinescan/. When it finishes it will create a log file here: C:\Program Files\EsetOnlineScanner\log.txt. Attach this logfile to your next message.
--------------------------------------------
To Private Message me Click Here
+1 | |
Followed R28.
Here is ESET log:
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=6
# IEXPLORE.EXE=7.00.6000.16827 (vista_gdr.090226-1506)
# OnlineScanner.ocx=1.0.0.5863
# api_version=3.0.2
# EOSSerial=810307091ffdd14ca9bb92c72fc410f5
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2009-05-21 09:11:58
# local_time=2009-05-21 05:11:58 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=5121 21 100 88 417219085468750
# compatibility_mode=5889 61 66 100 803007625468750
# scanned=130250
# found=2
# cleaned=2
# scan_time=23389
C:\Documents and Settings\comp8\My Documents\BIN\Downloaded Programs\snowycottagefree.exe multiple threats (deleted - quarantined) 00000000000000000000000000000000
C:\WINDOWS\cpnbeje.ytt Win32/Delf.OIQ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000
+1 | |
Can you access www.mcafee.com ? If not please provide traceroutes to.
How to Traceroute: http://www.mediacollege.com/interne...
1) tracert www.mcafee.com
2) tracert 216.49.88.12You can post screenshots.
--------------------------------------------
To Private Message me Click Here
+1 | |
If it were me, and it has been ME a time or time in your position, I would first uninstall anything that is called Mcafee or Norton. They both suck badly and create more problems than answers.
Secondly, I would try to go to a FREE online virus scan. Assuming you have hi speed its a good idea. Try Bitdefender as it has a good track record for catching viruses that others cannot. If you look at the trend, both Mcafee and Norton are notorious for NOT seeing viruses.
Stay away from Trend Micro online scan. It takes about a year to get it working. Also avoid Ikarus, they install spyware.
Once you get everything "fixed", I would install Avast Antivirus and keep it updated. It's "almost" perfect. It can get most viruses. But sometimes it misses 1 or 2. So, installing bitdefender or something alongside it will keep you safe.
Its good experience to take an infected file you find on your pc, and upload it to an online file scanner. The reason is because it will scan the file using 40 different virusscan programs and show you the results for each. Thats how you can tell which programs work, and which do not. Mcafee really fails the test badly.
I get a virus once every two years and thats because I am surfing in dangerous waters sometimes. ;)
A last good note that many rookies should know. If you are using a store bought pc that still has factory Windows setup, wipe everything out, install OS fresh and clean from a disc, and eliminate all the factory installed spyware and junkware that is on every store bought pc.
Thats all.
+1 | |
Thanks all for the advice.
Neoark - Still cannot access mcafee.com.
I will tracert when I can and post (not at PC now and not sure I can screenshot remotely?). In the meantime, am I at risk of exposing my IP address to all reading this forum when I post the tracert results? Just being paranoid.Thanks
+1 | |
You can private message it to me if you like.Just paste the end of each traceroute want to see where it ends.
--------------------------------------------
To Private Message me Click Here
+1 | |
I printed the results of the tracert to a file and pasted into a private message to you.
However - both sites yielded the exact same results - and both ended with:
17 102 ms 100 ms 99 ms www.mcafee.com [216.49.88.12]
Is this weird? I have no idea what I'm looking for in this, but it would appear the tracert is actually making it to mcafee.com.
Hmmm - does not explain why I cannot access anything mcafee related - but more importantly, why McAfee can't update via Security Center...
+1 | |
Well this is mystery. I suggest you contact mcafee support about the issue since your traceroute works and other sites work aswell just not mcafee. Just out of curiosity what web browser are you using?
--------------------------------------------
To Private Message me Click Here
+1 | |
IE7 but also tried Firefox and unable to access with both.
Originally I thought it would be just a browser setting, but given that fact that McAfee can't update via Security Center, I assume there is an access issue, and not just a browser issue.
The message I'm getting when I attempt to access www.mcafee.com is: http 501 / http 505
But aside from not being able to access mcafee - do you believe I still have some malware running? That is - why am I also having trouble running combofix???
I very much appreciate all your help!
+1 | |
Yes you do have some malware aswell. But kaspersky, Eset aren't showing much. Try to also:
1) Change your dns server to www.opendns.com/start/, reboot and open http://www.opendns.com/welcome/ tell me what it says.
2) Run bitdefender online scanner.
--------------------------------------------
To Private Message me Click Here
+1 | |
It now says - "congrats - you're using Opendns..."
Ran bitdefender: found:
C:\WINDOWS\cpnbeje.ytt Infected with: Trojan.PWS.Agent.SHZ
C:\WINDOWS\cpnbeje.ytt Deleted
I think we've seen other scans find something wrong with cpnbeje.ytt, and all have "deleted" it. When it says "deleted" - does that mean it deletes the file cpnbeje.ytt? or just the infected portion of it? Is this a legit file? I ask because as many times as it says it is deleting it, it is still there as we speak.btw - still cannot access www.mcafee.com
+1 | |
Run this script in AVZ:
begin SetAVZGuardStatus(True); SearchRootkit(true, true); QuarantineFile('C:\WINDOWS\cpnbeje.ytt',''); DeleteFile('C:\WINDOWS\cpnbeje.ytt'); BC_ImportAll; ExecuteSysClean; BC_Activate; RebootWindows(true); end.After you PC reboots check and see if file got deleted.
--------------------------------------------
To Private Message me Click Here
+1 | |
Sorry was away over weekend.
Ran script as in R39.
After reboot - file cpnbeje.ytt is still there.
Timestamp for cpnbeje.ytt is 3/21/2009 10:06am. I say that only because now there is also a file called cpnbeje.yttx with the exact same timestamp - I did not notice this second (.yttx) file before.
+1 | |
Follow these steps in order Numbered:
1) Run this script in AVZ:
begin CreateQurantineArchive('c:\quarantineytt.zip'); end.2) A file called quarantineytt.zip should be created in C:\. Then please upload to a filehost such as http://rapidshare.com/ Then, Private Message me the Download link to the uploaded file.
3) Install, update and run full scan with Malwarebytes' Anti-Malware. Attach malwarebyte full scan log, but Please Don't fix anything yet, until the log is reviewed.
4) Please read this carefully. Redo Response Number 5. But in safe mode with Networking. Don't use USB to transfer download it directly via internet to your desktop and rename it before downloading. Also if you still get that error continue with combofix, unless combofix exits's by itself. If you have error with downloading combofix then post a screenshot.
--------------------------------------------
To Private Message me Click Here
+1 | |
I had trouble updating the latest file in Malwarebytes (assume symptom of my spyware issue).
I HAVE A MAJOR UPDATE TO THIS THREAD.
First - I want to thank all - especially Neoark - for walking me through all of these attempts to diagnose and clean my system.
I have decided to start anew by reinstalling Windows XP. I was given a much larger HDD a few months ago, and honestly was looking for a reason to install and start over. Although I was trying to make this work - and honestly I was hoping to solve the spyware issue just because it appeared to be a challenge - my spyware issue is now resolved in the form of starting over.
Thanks Neoark - and I'll be sure to keep this page bookmarked as it's only a matter of time before spyware will strike again.
ALSO - I have decided that McAfee is not for me. Too slow, and apparently not effective anyway.
Can you/anyone please advise what you think is best to run on my new system?
I've read about some free but highly effective antivirus programs - and perhaps a complementary anti-spyware. Any two that play nicely together?
Many many thanks -
+1 | |
One of these antivirus kaspersky/bitdefender/eset/norton/mcafee GW edition with malwarebtyes/superantispyware are good combo. However remember nothing in 100%.
-------------------------------------------------
+1 | |
My recommendation comes from benchmarks/tests done by http://www.virusbtn.com/index and other independent companies plus my own experience with malware.
-------------------------------------------------
+1 | |
Thanks again.
One last (we'll see) question: of the AV programs you mentioned - are any of them free? Are they as effective?
I realize you may get what you pay for - but just wondering if there are effective ones that are free. AKA do I truly get more protection from something that I pay for?
+1 | |
Hi BSN321, r u still facing the same problem or its solved now? if not, let me know may b i would help u out.
 |
 I got Zlob and, boy, do I...
|
free av for vista home pr...
|
This post is quite old and has been locked from receiving new replies. Please create a new posting instead.
