We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Fraud.WindowsProtectionSuite HELP!
Options
January20
Posts: 3,769 Forumite
in Techie Stuff
My computer has been infected with Fraud.WindowsProtectionSuite and Microsoft.Windows.Redirected Hosts. I can find it with SpyBot, but I am unable to access it to remove it. Google is largely useless. :mad:
Any ideas what to do? ANY help would be greatly appreciated!
Any ideas what to do? ANY help would be greatly appreciated!
LBM: August 2006 £12,568.49 - DFD 22nd March 2012
"The road to DF is long and bumpy" GreenSaints
"The road to DF is long and bumpy" GreenSaints
0
Comments
-
Download MALWAREBYTES (Make sure you click 'DOWNLOAD LATEST VERSION')
http://www.filehippo.com/download_malwarebytes_anti_malware/
Open malwarebytes and goto UPDATE and click 'check for updates'. After its updated goto SCANNER and click PERFORM FULL SCAN then click SCAN
Post the COMPLETE log here AFTER youve deleted everything it finds
reboot
Download HIJACK THIS (Make sure you click 'DOWNLOAD LATEST VERSION')
http://www.filehippo.com/download_hijackthis/
Click MAIN MENU then DO A SYSTEM SCAN AND SAVE A LOGFILE(Takes seconds) then post the log so we can see whats running
(do NOT do anything else with Hijack but scan and post the FULL log)
Download HostsXpert
http://download.softpedia.com/dl/a688cad746f64494e3ba8aee103f97e4/4b3ceb67/100027041/software/system/HostsXpert.zip
and then follow the below steps.
* Unzip HostsXpert.zip
* It will create a folder named HostsXpert in whatever folder you extract it to.
* Run HostsXpert.exe by double clicking on it.
* click the Make Writeable? button.
* click Restore Microsoft's Hosts File and then click OK.
* Click the X to exit the program:idea:0 -
Malwarebytes' Anti-Malware 1.44
Database version: 3667
Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000
31/01/2010 15:04:29
mbam-log-2010-01-31 (15-04-29).txt
Scan type: Full Scan (C:\|D:\|E:\|)
Objects scanned: 251290
Time elapsed: 49 minute(s), 18 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\Software\AntiMalware_ProNE (Rogue.Trace) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Program Files\AntiMalwarePro\AntiMalwarePro.exe (Rogue.AntivirusDoktor) -> Quarantined and deleted successfully.
C:\Program Files\AntiMalwarePro\Cl.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Users\Claude\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1LGKZ2RJ\anti-malware-application[1].exe (Rogue.Installer) -> Quarantined and deleted successfully.LBM: August 2006 £12,568.49 - DFD 22nd March 2012
"The road to DF is long and bumpy" GreenSaints0 -
do the hosts file bit and hijackthis log for AlienRik
Ex forum ambassador
Long term forum member0 -
On attempting to run 'HijackThis', this message comes up:
For some reason your system denied write access to the Hosts file. If any hijacked domains are in this file, HijackThis may NOT be able to fix this.
If that happens you need to edit the file yourself. To do this, click Start, Run and Type:
Notepad C:\Windows\System32\drivers\etc\hosts
And press Enter. Find the line(s) HijackThis reports and delete them. Save the file as ‘hosts.’ (with quotes). And reboot.
For Vista: simply, exit HijackThis, right click on the HijackThis icon, choose ‘Run as adminisrator’.
Do i just do as it tells me?LBM: August 2006 £12,568.49 - DFD 22nd March 2012
"The road to DF is long and bumpy" GreenSaints0 -
yes, run as administratorEx forum ambassador
Long term forum member0 -
there aren't any lines 'HijackThis reports' and when right clicking, it doesn't give an option of 'Run as Administrator"LBM: August 2006 £12,568.49 - DFD 22nd March 2012
"The road to DF is long and bumpy" GreenSaints0 -
just try the 2nd bit, should be there
For Vista: simply, exit HijackThis, right click on the HijackThis icon, choose ‘Run as adminisrator’.
It’s possible to mark the tools requiring Administrator privileges by simply opening ‘File Properties’, then clicking ‘Compatibility’ tab, then ‘Run this program as administrator’Ex forum ambassador
Long term forum member0 -
Press the SHIFT key at the same time as right clicking:idea:0
-
After clicking off the pop ups from 'HijackThis', i am then told
cannot find the C:\Program Files\TrendMicro\HiJackThis\hijackthis.log file
Do you want to create a new file?LBM: August 2006 £12,568.49 - DFD 22nd March 2012
"The road to DF is long and bumpy" GreenSaints0 -
pressing shift still didn't work...LBM: August 2006 £12,568.49 - DFD 22nd March 2012
"The road to DF is long and bumpy" GreenSaints0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 350.8K Banking & Borrowing
- 253K Reduce Debt & Boost Income
- 453.5K Spending & Discounts
- 243.8K Work, Benefits & Business
- 598.6K Mortgages, Homes & Bills
- 176.8K Life & Family
- 257.1K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards