• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Advanced

Search

Search results

A PUP category

I had thought of the Idea od a PUP class of detection,  after a PC in front of me couldn't get past the "Welcome" screen on startup and I found a conflict between the AV installed and the 7 PUP's installed (yes 7) I used Safe Mode to u ...
Forum Thread
Author:
Posted:
10-Nov-2012 | 6:08PM
Comments:
27
Kudos:
19
Me Too:
0

Although Rapid drivers and

Although Rapid drivers and the Catroot folders could be causes (a few others to) The main problem with Norton and Windows not staying Genuine or not able to be validated is http://support.microsoft.com/kb/2230957 For whatever reason the "SYSTEM" ...
Forum Thread comment
Author:
Posted:
09-Jan-2015 | 7:59PM
Kudos:
11

Re: ICPP -Antipiracy virus

Try this Unlock code   RFHM2-TPX47-YD6RT-H4KDM Removal Instructions for 2 variants http://www.bleepingcomputer.com/virus-removal/remove-i-q-manager http://www.bleepingcomputer.com/virus-removal/remove-ap-manager-copyright-violation-alert Quads ...
Forum Thread comment
Author:
Posted:
16-May-2010 | 1:49PM
Kudos:
6

Re: 'Shylock' malware hit by authorities

http://www.symantec.com/connect/blogs/all-glitters-no-longer-gold-shylock-trojan-gang-hit-takedown Quads ...
Forum Thread comment
Author:
Posted:
11-Jul-2014 | 9:51PM
Kudos:
2

Re: Power eraser

Youre Modem won't work in Safe Mode that is the purpose of Safe Mode Set to 'Show hidden Files and Folders' in Control Panel => Folder Options => View Then go to this folder Windows\pss Look for a file named boot.ini.backup  or boot.i ...
Forum Thread comment
Author:
Posted:
01-Aug-2012 | 9:23PM
Kudos:
3

W32.Ransomlock.AO and W32

W32.Ransomlock.AO and W32.Ransomlock.AO!inf ...
Forum Thread comment
Author:
Posted:
10-Dec-2014 | 9:23PM
Kudos:
4

A PUSS not a PUP

Quads I do not need a solution (just sharing information). ...
Forum Thread
Author:
Posted:
25-Dec-2013 | 6:14PM
Comments:
10
Kudos:
6
Me Too:
0

Just Cloud / MyBackup group,

Just Cloud / MyBackup group, comes bundled with others software (like optimizer Pro etc) and as such is seen as a PUP / PUA for that reason also.  Instance  http://www.bleepingcomputer.com/forums/t/523506/mypc-backup-searchprotect-sync-folder-conduitsearc ...
Forum Thread comment
Author:
Posted:
27-Nov-2014 | 1:11PM
Kudos:
4

My PC backup is seen as a PUP

My PC backup is seen as a PUP http://www.symantec.com/security_response/writeup.jsp?docid=2014-080811-2516-99 Tools like  MBAM, ADWcleaner and JRT also detect it Quads ...
Forum Thread comment
Author:
Posted:
26-Nov-2014 | 10:13AM
Kudos:
4

Not if it is a new

Not if it is a new Cryptolocker variiant or a Ransomcrypt that is pretending to be Cryptolocker. I actually think the Cryptolocker itself is DEAD  but there are copycats about now  which hok's message is mainly no good as stated  " I want to mak ...
Forum Thread comment
Author:
Posted:
10-Oct-2014 | 4:13PM
Kudos:
4

TDSSkiller / TDL4

TDSSkiller now correctly detects and cures TDL4  (as of Today) I tested only like 10 minutes ago, The scan checks via the raw I/O. Screenshot below, plus attached to this post is the log of the scan Be aware though if you are infected with more than TDL3 ...
Forum Thread
Author:
Posted:
17-May-2010 | 2:49PM
Comments:
60
Kudos:
7
Me Too:
0

Creating a Repair Disc in Windows 7 and Vista SP1 for future use.

Users may have noticed how the use of the Advanced  Repair menu with Windows 7 and Vista to run tools for logs and scripts to be able to break an infection down and this allows Windows to load hopefully without the malware causing problems and so allowing ...
Forum Thread
Author:
Posted:
10-Sep-2012 | 5:34PM
Comments:
2
Kudos:
8
Me Too:
0

Re: Quarantine vs. Remove

So the user can restore objects if need be.  (for all Malware) Reasons for example a)  Norton has detected a PUP (symantec as a PUA) but the user actually wants that PUP so goes into the Quarantine to restore the items. b) Norton has detected a False Posi ...
Forum Thread comment
Author:
Posted:
16-Dec-2013 | 5:56PM
Kudos:
5

Re: Malicious advertisements on major websites lead to ransomwar

The article talks about  Cryptowall (which I also mentioned in the GO Zeus messages)   Norton actually detects   Cryptowall  as Trojan.CryptoDefence (as it is close to CryptoDefense).   Quads ...
Forum Thread comment
Author:
Posted:
06-Jun-2014 | 6:10PM
Kudos:
4

Beating Bootkits

I have been thinking of an idea to be able to have Norton beat Bootkits once detected. Once Norton is installed on a computer and that system is clean, Norton can then be able to copy the Boot Sector of the machine it is installed on and hide it away with ...
Forum Thread
Author:
Posted:
17-Jul-2011 | 9:09PM
Comments:
11
Kudos:
9
Me Too:
0

Windows updates caused C:\windows\system32\config\systemprofile\Desktop error.

had a laptop turn up, the owner let Windows update install the updates and restart the system.  After the Restart  the desktop loaded but only has the recycle bin, with the classic mode Taskbar, icons missing and Black background (wallpaper missing).  A d ...
Forum Thread
Author:
Posted:
09-Jul-2013 | 9:45PM
Kudos:
4
Me Too:
0

Removal of the Cloud Security family of FakeAV + Zeroaccess Rootkit

The removal of this family with Zeroaccess also infecting the system gives an extra challenge due to Zeroaccess being protective and blocking security programs (tripwire) no matter what the file name is. The Family of FakeAV includes   OpenCloud Antivirus ...
Forum Thread
Author:
Posted:
10-Oct-2011 | 7:02PM
Comments:
17
Kudos:
8
Me Too:
0

within the domain this

within the domain this address   https://www.virustotal.com/en/url/745d7290edcfae1bcfd060003421a38fd3107f70ff57a082983c55428bd4a312/analysis/1418006820/ Which has like this file   https://www.virustotal.com/en/file/dd66f474a65999c92b3ba83b0c9f8b70bc975201 ...
Forum Thread comment
Author:
Posted:
07-Dec-2014 | 6:50PM
Kudos:
3

User is doing a DIY, total

User is doing a DIY, total disregard for tools method. Quads ...
Forum Thread comment
Author:
Posted:
04-Dec-2014 | 5:35PM
Kudos:
3

This sub family could be

This sub family could be using Windows registry keys anf files to do the work so, you cannot just delete objects otherwise you may not be able to get back into to the desktop or at worse Windows at all. Quads ...
Forum Thread comment
Author:
Posted:
28-Nov-2014 | 5:02PM
Kudos:
3

http://www.symantec.com

http://www.symantec.com/security_response/writeup.jsp?docid=2014-090815-3008-99 Quads ...
Forum Thread comment
Author:
Posted:
23-Nov-2014 | 10:47PM
Kudos:
3

A lesson in PUP's

I had a system to fix in person this afternoon (NZDT)  No Internet System restore just as a test failed, Some Windows Services failed to start  causing problems, Hard Drive and CPU running a million miles an hour without the user doing anything, Browser   ...
Forum Thread
Author:
Posted:
29-Mar-2013 | 9:16PM
Kudos:
4
Me Too:
0

Do not Delete dllhost in the

Do not Delete dllhost in the Syswow64 folder it is meant to be there and is for Windows (Microsoft).,  It is just being used by the infection, The User above is a newbie for a reason and their fix should not be used as it is wrong,  The user also has NOT ...
Forum Thread comment
Author:
Posted:
08-Oct-2014 | 2:59PM
Kudos:
3

For anyone thinking about doing so.

For anyone of thinking about using Combofix on their own, while reading threads on this forum. Don't, at the moment Combofix has a Major bug that with basically delete files, Progams, Personal files like docs and photos etc. When you get up  to 5000 ...
Forum Thread
Author:
Posted:
24-Jan-2010 | 6:02PM
Comments:
5
Kudos:
10
Me Too:
0

Rogue.SecurityTool workaround

A new version I download and installed on my PC 1. This variant, Got Past Norton2. Removes your wallpaper 3. Does a fake scan stating you have many infections BUT If you DO NOT restart the PC you can bring up the Task Manager and stop the process that is ...
Forum Thread
Author:
Posted:
24-Nov-2009 | 7:25PM
Comments:
27
Kudos:
10
Me Too:
0

Re: Malware DEMO STUB , the real truth and how to fix.

Sometimes I am glad I don't live in the USA, when seeing stuff like the above written in a post (message) that has nothing really do do with the board or NIS /NAV etc. Quads ...
Forum Thread comment
Author:
Posted:
19-Aug-2014 | 12:17AM
Kudos:
3

Re: Android Ransomware with possible fact Norton Mobile Securit

I don't need to wait for  Gayathri_R    Detections for the.apk have been added as  Android.Scartibro    (at least for the samples I have) Quads ...
Forum Thread comment
Author:
Posted:
08-Aug-2014 | 11:55AM
Kudos:
3

Re: AdwCleaner vs Sonar

I have no idea really what dickevans it talking about, in relation to Adwcleaner Adwcleaner is not a realtime product and so does not startup with Windows like AV's etc.   But is is an active scanner when you click "Scan" or "Clean&quo ...
Forum Thread comment
Author:
Posted:
31-Aug-2014 | 7:44PM
Kudos:
0

Re: I can not at the moment connect to the internet to receive u

Hi Mo I will PM you back tomorrow Noton warns that your Virus definitions are out of date within 2-4 days and Windows also notifies of the definitions being out of date and the Security Centre, Red Shield shows up on the Systray. As to your Cable Internet ...
Forum Thread comment
Author:
Posted:
03-Dec-2008 | 11:57PM
Kudos:
2

Re: New Zeus varient (Zeus.Maple)

I only have 1 file for the maple version and the download I got and in that form Norton did not detect it, actually on a scan check also with other AV's only 2 AV engines did. Just worked out why, it is double archived, lets try that again. After dou ...
Forum Thread comment
Author:
Posted:
11-Jun-2014 | 11:52AM
Kudos:
1