
Malware?

#1
The "ClipBoardPath" gets one an advert for a cell phone to PC transfer utility or something like that but no Clip board Path utilities as far as I can see.

Best and Warm Regards
Adrian Wainer
Hi Adrian,

That link works fine for me, I just checked and downloaded it fine :confused:

Steven
I don't doubt for a minute that it is working for you, but I tried it since you posted your response and it is still doing the same thing. After one has downloaded the software from the net, one is presented with a two part thing, the first part is the package one is looking for but when one clicks install it and goes to where it has assigned itself to install, there is nothing whilst the second part creates a link on one's desktop to a trial for a payware mobile phone software utility. The only explanation I can think of is that there is some sort of mechanism connected with the site offering this software that would give out the actual software to some people and just a link to an advert to others.

http://www.winfonie.de/r/sb_c_d


Best and Warm Regards
Adrian Wainer
 

Bare Foot Kid

R.I.P. August 13th 2014
#2
Re: handy Vista 64-bit utilities

Hello Adrian.

Are you sure you don't have some kind of 'evilware' re-directing you?

(it works for me)









Later :shock: Ted
 
#3
Re: handy Vista 64-bit utilities

Hello Adrian.

Are you sure you don't have some kind of 'evilware' re-directing you?

(it works for me)

Later :shock: Ted
You could be right about the evilware but I think the second part that put the link on to my desktop to the payware, has got to do with the person who has the download page, because the name of the company is quite like his name, so that aspect looks to me as if it is controlled by the site that is in the link, the only thing I can think of which could be generating a different response from other folks, is because the way my ISP does its thing my IP address will often come up as being listed as a suspected proxy, so maybe the download site handles download requests from suspected proxy IP addresses in that way.

Best and Warm Regards
Adrian Wainer
 
#7
Hello Adrian.

Have you run an Avast boot scan lately?











Later :shock: Ted
Nope :eek:

The regular Avast picked up a Virus a couple of minutes ago. Might run the boot scan after the ClamWin has completed.

I am currently running a whole system scan with a freeware called ClamWin, it is specified as being compatible with Vista though it does not say anything about the 64 bit version, though so far [the scan is not yet completed] it seems to be running fine.

Please note that ClamWin Free Antivirus does not include an on-access real-time scanner. You need to manually scan a file in order to detect a virus or spyware.
Free Antivirus for Windows - Open source GPL virus scanner

Best and Warm Regards
Adrian Wainer
 

Bare Foot Kid

R.I.P. August 13th 2014
#9
Hello Adrian.

It is my understanding that it is best to let the program that detects the 'evilware'
remove it from the system.
Let that happen then run the "Boot Scan". Just to mention it; two A/Vs running
on the same system will conflict with each other, like two F/Ws.

Get rid of all you can with the programs you have then it would be a good idea to
install this and run it and attach (not copy/paste) the log file here. Maybe someone that knows HJT will have a look at it for you.

TrendSecure | Download TrendMicro™ HijackThis™

Keep us informed as to your progress.


Later :shock: Ted
 
#11
Thanx for your detailed and Friendly response. It is only my personal opinion but I have suspicions that the negative aspect of running two anti-virus programmes together is somewhat over-stated and might be more to do with a desire of payware AV software companies to stop their customer base migrating to new start-up payware AV software companies and freeware AV programmes. I ran Norton and AVG together on a Windows XP 32 and I could not see any problems with it, now sometimes one of the AV softwares would detect the other's activities and flag it as a possible malware activity but it was easy enough to see it was a legitimate anti-virus activity and okay it. With the ClamWin as it is not a 24/7 on-going process but a user initiated one, I would think the chances of a conflict arising are pretty low, but thanks for the tip anyway.

Best and Warm Regards
Adrian Wainer
 
#12
This is the ClamWin report

Best and Warm Regards
Adrian Wainer


Scan Started Sun Aug 03 12:42:20 2008
-------------------------------------------------------------------------------

C:\Program Files (x86)\ScreenshotCaptor\MouseHook.dll: Trojan.Delf-4268 FOUND
 
#13
This is the ClamWin report

Best and Warm Regards
Adrian Wainer


Scan Started Sun Aug 03 12:42:20 2008
-------------------------------------------------------------------------------

C:\Program Files (x86)\ScreenshotCaptor\MouseHook.dll: Trojan.Delf-4268 FOUND
Did a whole system scan with AVG anti-virus and it detected Mousehook as a Trojan and shifted it to the virus vault.

Best and Warm Regards
Adrian Wainer
 
#15
Thanx for your detailed and Friendly response. It is only my personal opinion but I have suspicions that the negative aspect of running two anti-virus programmes together is somewhat over-stated and might be more to do with a desire of payware AV software companies to stop their customer base migrating to new start-up payware AV software companies and freeware AV programmes. I ran Norton and AVG together on a Windows XP 32 and I could not see any problems with it, now sometimes one of the AV softwares would detect the other's activities and flag it as a possible malware activity but it was easy enough to see it was a legitimate anti-virus activity and okay it. With the ClamWin as it is not a 24/7 on-going process but a user initiated one, I would think the chances of a conflict arising are pretty low, but thanks for the tip anyway.

Best and Warm Regards
Adrian Wainer
You don't want to run two AVs at once real time, even one real time and one on demand may conflict.
Try these two programs, they're free.

Superantispyware
Malwarebytes Anti-Malware

Run scans with them. I have both installed here as on demand. Don't use them real time, they're not compatible with x64 yet.

And go to a HJT forum to have your computer checked.

SWI Forums -> Malware Removal
 

johngalt

Antidisestablishmentarian
Vista Guru
#16
I help beta test MBAM and can confirm that the real time scanning engine is still not x64 compliant - and the real time scanning engine is the only reason to buy the product, so there is really no need to buy it in the first place, unless you want to show support for the app.

Marcin and the developers at MBAM work extra hard to get this app in top shape, and more than once I have found it finding F/Ps prior to public release that are curbed before release - not everything is found, however, and sometimes things slip through.

SUPER is another good product as well. I have a license for that through CoU or CastleCops, forgot which one - but I find myself increasingly relying on MBAM.

Also a couple not to be ignored:

Spybot S&D and Spywareblaster.
 

Chappy

Tech Help since 1993
Vista Guru
#17
John

Marcin is a very good friend of mine, and he's a SuperMod at my main Tech and security site I'm root Admin at. Actually my graphics card was shipped to me by Marcin, he got it from Geeks 2 Go for them using his anti malware programs. He's VERY good at what he does!

MBAM nailed Zlob trojan I inadvertently picked up 2 days ago...my very FIRST infection that I didn't put on a machine on purpose!!
3:30 am and I misread a CODEC thingy, and made my first mistake....I must have been tired.

But I digress...I had no issue, nor did I see anything that said it has issues on 64bit? I had only the free version, and I haven't talked to Marcin yet, but is this still an issue for 64bit?
 

Chappy

Tech Help since 1993
Vista Guru
#18
Hi kr4ey

And go to a HJT forum to have your computer checked.

SWI Forums -> Malware Removal
Excellent!!
I'm a HJT teacher and worked with Merijn (HJT Developer) for years on this project. I always cringe when I see untrained people analyzing logs, and many times I can tell they're using an online analyzer. Neither is a good idea; untrained folks will miss many of the very subtle things a HJT log can list, like a ; after \\ which means there's an ADS (Alternate Data Stream). Online analyzers are STRICTLY to confirm there's a problem and then the person should go to an accredited HJT forum for help.

I'm VERY glad to see you linking to a proper site like SWI, shows you know full well how intricate these logs can be. Have you taken the training at SWI or another site?
 

rive0108

Vista Guru
Gold Member
#19
:eek:
Avast

Update Checker

CCleaner

Spybot

Best and Warm Regards
Adrian Wainer
Ouch...why do a lot of people use these... and is it any wonder they have malware??
Just my two cents, but all the time and effort, and in some cases money, used to try and fix computer issues that are a result of malware that could have been avoided had one just spent $25 on a decent antimalware program has me scratchin my head... What is the deal with the freebie programs? Save a few bucks now, but spend $100 and days troubleshooting and/or reinstalling O/S later??

One word of advice- If you don't know much about computers, DO NOT use registry cleaners (CCleaner), or antivirus programs that fail to even offer mediocre protection (Avast). :eek:
 
#20
The other day I almost got hit with TrojanDownloader:JS/Psyme.gen, but my AV caught that sucker and dumped it in the quarantine area. I then went into my AV program and deleted it. I also did a full scan to be on the safe side, and no areas of my computer were infected.

The trojan I mention is also known by other names.

I personally gave up on free programs, most of them don't even offer the protection level that paid programs do.