We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
de-bugging i-pad
Comments
-
Yes that's malware. Probably something like this......there appeared to be 2 a/vs on the machine, avira and antivirus pro.??which was demanding money, and pesumed a/v could be trojan, blocking download, and anything I did, even getting on line...
....That was/is still on, and names all the Trojans, and says, failed to remove...
http://www.bleepingcomputer.com/virus-removal/remove-antivirus-security-pro
From safe mode? See if it'll run in normal mode using chameleon if it wont run normally.mbam, found umpteen problems, which I fixed,ok
https://malwarebytes.zendesk.com/entries/21892442-Should-I-scan-with-Malwarebytes-Anti-Malware-in-Safe-Mode-
https://malwarebytes.zendesk.com/entries/20872371-Use-Chameleon-to-run-Malwarebytes-Anti-Malware-on-infected-systems
I don't think you're going to be able to clean this though just by running lots of different scanners. Get me a DDS log.
You may have to do it in safe mode with networking if you cant in normal mode.
Post me a DDS log - should take 2-3 minutes.
Download DDS from the link below and save it to your desktop:
Link
After you've downloaded it and saved it to your desktop:- Double click DDS to run it.
- Click Start
- When it's finished, DDS will open two logs:
- DDS.txt
- Attach.txt
Copy & paste the contents of just DDS.txt for now and post it here (you may need to split the log over separate posts)0 -
Hi waddler,That,s exactly the one that I had, thanks for reply. Will follow your instructions when daughter brings it later, after she,s backed up her stuff, if it allows her?Yes that's malware. Probably something like this...
http://www.bleepingcomputer.com/virus-removal/remove-antivirus-security-pro
From safe mode? See if it'll run in normal mode using chameleon if it wont run normally.
https://malwarebytes.zendesk.com/entries/21892442-Should-I-scan-with-Malwarebytes-Anti-Malware-in-Safe-Mode-
https://malwarebytes.zendesk.com/entries/20872371-Use-Chameleon-to-run-Malwarebytes-Anti-Malware-on-infected-systems
I don't think you're going to be able to clean this though just by running lots of different scanners. Get me a DDS log.
You may have to do it in safe mode with networking if you cant in normal mode.
Post me a DDS log - should take 2-3 minutes.
Download DDS from the link below and save it to your desktop:
Link
After you've downloaded it and saved it to your desktop:- Double click DDS to run it.
- Click Start
- When it's finished, DDS will open two logs:
- DDS.txt
- Attach.txt
Copy & paste the contents of just DDS.txt for now and post it here (you may need to split the log over separate posts)
Any idea how she would come to get that one??
Won,t be till teatime, after she finishes work.
I thought the 2nd A/v , the one you have just highlighted,could be scareware, as it kept saying, attack attempt etc, umpteen times, ?
I ran Avira in safemode with network, and it showed,18 problems, and , 40 warnings,fixed the problems, but left the warnings posted to notepad, didn,t copy or anything as I thought I had pc till it was fixed..
Mbam showed several problems, which it fixed ok, again in safemode with network.0 -
As I said, always try normal mode wherever possible.
Other than running mbam using chameleon in normalmode, running rkill may help with others.
http://www.bleepingcomputer.com/forums/t/308364/rkill-what-it-does-and-what-it-doesnt-a-brief-introduction-to-the-program/
http://www.bleepingcomputer.com/download/rkill/0 -
Will do.:beer:As I said, always try normal mode wherever possible.
Other than running mbam using chameleon in normalmode, running rkill may help with others.
http://www.bleepingcomputer.com/forums/t/308364/rkill-what-it-does-and-what-it-doesnt-a-brief-introduction-to-the-program/
http://www.bleepingcomputer.com/download/rkill/0 -
Hi waddler, cannot download dds.Yes that's malware. Probably something like this...
http://www.bleepingcomputer.com/virus-removal/remove-antivirus-security-pro
From safe mode? See if it'll run in normal mode using chameleon if it wont run normally.
https://malwarebytes.zendesk.com/entries/21892442-Should-I-scan-with-Malwarebytes-Anti-Malware-in-Safe-Mode-
https://malwarebytes.zendesk.com/entries/20872371-Use-Chameleon-to-run-Malwarebytes-Anti-Malware-on-infected-systems
I don't think you're going to be able to clean this though just by running lots of different scanners. Get me a DDS log.
You may have to do it in safe mode with networking if you cant in normal mode.
Post me a DDS log - should take 2-3 minutes.
Download DDS from the link below and save it to your desktop:
Link
After you've downloaded it and saved it to your desktop:- Double click DDS to run it.
- Click Start
- When it's finished, DDS will open two logs:
- DDS.txt
- Attach.txt
Copy & paste the contents of just DDS.txt for now and post it here (you may need to split the log over separate posts)
malware deleting it, even in safemode with network?? it goes as far as run or save, then it deletes it whichever one I choose.
Do I need chameleon if mbam runs ok in safe mode, as I,m doing now??? got 9 objects so far;;;??
full scan.0 -
Mbam performs better in normal mode - Use chameleon
Don't bother with full scan - run the quick scan.0 -
Hi waddler, did a full scan without chamelion in safemode, 15 items found, didn,t save the log, just fix.Thought it fixed, fault, tried downloading Avast twice in normal, once in safemode, all failed, said infected, so presume, it,s still there.Mbam performs better in normal mode - Use chameleon
Don't bother with full scan - run the quick scan.
Dialogue box came up, "pc not performing correct, click ok to fix"
Didn,t, presumed it was malware.
Running Spybot at present.halfway through , in safemode.
Everything out of date.
Gonna try chameleon next, but, not sure how, so still reading up, might as well let SD finish now.
cannot download dds, IE and chrome very slow.can you bare with me, please.0 -
Update. Won,t let me download Chameleon, says files infected, same as Avast etc, so Malware still there blocking me.?Hi waddler, did a full scan without chamelion in safemode, 15 items found, didn,t save the log, just fix.Thought it fixed, fault, tried downloading Avast twice in normal, once in safemode, all failed, said infected, so presume, it,s still there.
Dialogue box came up, "pc not performing correct, click ok to fix"
Didn,t, presumed it was malware.
Running Spybot at present.halfway through , in safemode.
Everything out of date.
Gonna try chameleon next, but, not sure how, so still reading up, might as well let SD finish now.
cannot download dds, IE and chrome very slow.can you bare with me, please.
Can run normal without Chameleon, just doing a short one now and save the log.Doubt it will show anything though, then try dds again.
sorry about the pain waddler, this is a beggar, using both pc,s at present
no a.v on it now
edit, nothing detected..without chameleon in normal
security centre turned off, cannot be started.0 -
Malwarebytes Anti-Malware 1.75.0.1300Update. Won,t let me download Chameleon, says files infected, same as Avast etc, so Malware still there blocking me.?
Can run normal without Chameleon, just doing a short one now and save the log.Doubt it will show anything though, then try dds again.
sorry about the pain waddler, this is a beggar, using both pc,s at present
no a.v on it now
edit, nothing detected..without chameleon in normal
www.malwarebytes.org
Database version: v2013.09.11.06
Windows Vista Service Pack 2 x86 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
Rose :: ROSE-PC [administrator]
11/09/2013 17:35:38
mbam-log-2013-09-11 (17-35-38).txt
Scan type: Full scan (C:\|E:\|F:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 369830
Time elapsed: 1 hour(s), 18 minute(s), 36 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 2
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GOOGLEUPDATE.EXE (Rootkit.0Access.ED) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\!etadpug (Rootkit.0Access.ED) -> Delete on reboot.
Registry Values Detected: 4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|AS2014 (Malware.Packer.CV) -> Data: C:\ProgramData\Danpn373\Danpn373.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|AS2014 (Malware.Packer.CV) -> Data: C:\ProgramData\Danpn373\Danpn373.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Google Update (Rootkit.0Access.ED) -> Data: "C:\Users\Rose\AppData\Local\Google\Update\GoogleUpdate.exe" /c -> Quarantined and deleted successfully.
HKCU\Control Panel\don't load|wscui.cpl (Hijack.SecurityCenter) -> Data: No -> Quarantined and deleted successfully.
Registry Data Items Detected: 3
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
Folders Detected: 0
(No malicious items detected)
Files Detected: 6
C:\ProgramData\Danpn373\Danpn373.exe (Malware.Packer.CV) -> Quarantined and deleted successfully.
C:\Users\Rose\AppData\Local\Google\Desktop\Install\{f5bcd340-d062-07d2-560a-ffd3597a14f2}\❤≸⋙\Ⱒ☠⍨\!ﯹ๛\{f5bcd340-d062-07d2-560a-ffd3597a14f2}\GoogleUpdate.exe (Rootkit.0Access.ED) -> Quarantined and deleted successfully.
C:\Users\Rose\AppData\Local\Google\Update\GoogleUpdate.exe (Rootkit.0Access.ED) -> Quarantined and deleted successfully.
c:\program files\google\desktop\install\{f5bcd340-d062-07d2-560a-ffd3597a14f2}\ \...\!ﯹ๛\{f5bcd340-d062-07d2-560a-ffd3597a14f2}\googleupdate.exe (Rootkit.0Access.ED) -> Quarantined and deleted successfully.
C:\Users\Rose\Desktop\Antivirus Security Pro support.url (Rogue.AntiVirusSecurity) -> Quarantined and deleted successfully.
C:\Users\Rose\Desktop\Antivirus Security Pro.lnk (Rogue.AntiVirusSecurity) -> Quarantined and deleted successfully.
(end)
Hope this works.log of full scan, without cham, in safemode
Still cannot download DDS.same as RKill;;;0 -
You shouldn't have to download it as it should be installed already, unless it's a really outdated version of mbam.Won,t let me download Chameleon
There lies the problem. You'll not get anywhere untill that's gone.Rootkit.0Access.ED
When you boot to the advanced boot options (where you enter safemode) via f8, do you see the option "Repair your Computer" on the advanced boot options menu?0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 352.1K Banking & Borrowing
- 253.5K Reduce Debt & Boost Income
- 454.2K Spending & Discounts
- 245.1K Work, Benefits & Business
- 600.7K Mortgages, Homes & Bills
- 177.4K Life & Family
- 258.9K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.2K Discuss & Feedback
- 37.6K Read-Only Boards