Jump to content

Welcome to MSFN Forum
Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. This message will be removed once you have signed in.
Login to Account Create an Account



Photo

Fraud.security essentials

- - - - -

  • Please log in to reply
8 replies to this topic

#1
mike13

mike13

    Member

  • Member
  • PipPip
  • 155 posts
  • Joined 25-June 02
  • OS:Windows 7 x64
  • Country: Country Flag
I have a friends computer infected with Fraud.security essentials. I know that because Spybot S & D has found it twice, but can not remove it. I then slaved the infected hard drive to my test computer and ran Malwarebytes, and Superantivirus, MSE, and Avast. Neither program found anything. I do not have Spybot S & D on my test computer, but tomorrow I plan to download it and then scan the infected hard drive again. Maybe with it being slaved and not active and running, Spybot can remove the infections. Any other suggestions ?? Thanks, Mike

Edited by mike13, 02 June 2012 - 09:18 PM.



How to remove advertisement from MSFN

#2
Tripredacus

Tripredacus

    K-Mart-ian Legend

  • Super Moderator
  • 10,013 posts
  • Joined 28-April 06
  • OS:Server 2012
  • Country: Country Flag

Donator

You may not have good results doing an offline scan on a drive, because a lot of virii will only make themselves known to scanners when they are actively running. I'd run some apps (malwarebytes or whatever) on the live system or maybe in Safe Mode.
MSFN RULES | GimageX HTA for PE 3-5 | lol probloms
tpxmsfn1_zps393339c1.jpg

#3
mike13

mike13

    Member

  • Member
  • PipPip
  • 155 posts
  • Joined 25-June 02
  • OS:Windows 7 x64
  • Country: Country Flag
Tripredacus, Thanks for the reply. I can not run Malwarebytes on the infected computer. I thought that it might be corrupted, so I removed it and re-downloaded Malwarebytes. Still can not run the program, even in SAFE mode. I can run MSE, but it finds nothing. As I said in my first post, Spybot does find two entries of Fraud.security essentials, but can not remove it. I have spent about 6 hours on this computer already. I guess it is time for nuke and pave. Mike

#4
Tarun

Tarun

    Spectre

  • Super Moderator
  • 3,190 posts
  • Joined 27-January 04
  • OS:Windows 7 x64
  • Country: Country Flag
Run Malwarebytes Anti-Malware Chameleon.

#5
Tripredacus

Tripredacus

    K-Mart-ian Legend

  • Super Moderator
  • 10,013 posts
  • Joined 28-April 06
  • OS:Server 2012
  • Country: Country Flag

Donator

Yeah, some viruses will write anti-execution code into the Registry to stop programs from running. Usually renaming them after installing works, and this is the reason why Gmer downloads as a random string of characters.exe.
MSFN RULES | GimageX HTA for PE 3-5 | lol probloms
tpxmsfn1_zps393339c1.jpg

#6
mike13

mike13

    Member

  • Member
  • PipPip
  • 155 posts
  • Joined 25-June 02
  • OS:Windows 7 x64
  • Country: Country Flag
Tarun---Thanks for the reply, but I can not even open Malwarebytes, so I can't look for TOOLS etc.

#7
Tripredacus

Tripredacus

    K-Mart-ian Legend

  • Super Moderator
  • 10,013 posts
  • Joined 28-April 06
  • OS:Server 2012
  • Country: Country Flag

Donator

Tarun---Thanks for the reply, but I can not even open Malwarebytes, so I can't look for TOOLS etc.


Rename the malwarebytes.exe in its Program Files folder and try to run it. Name it something funny or creative. I'd post what mine is named but I might break a forum rule. :angel
MSFN RULES | GimageX HTA for PE 3-5 | lol probloms
tpxmsfn1_zps393339c1.jpg

#8
mike13

mike13

    Member

  • Member
  • PipPip
  • 155 posts
  • Joined 25-June 02
  • OS:Windows 7 x64
  • Country: Country Flag
Success---I think. I was finally able to open and run Malwarebytes. I did not try for updates, I just wanted to run the program since it opened. It ran and found 874 items, about 6 were trojans. It removed everything. I then opened Malwarebytes again, and got the updates this time. This time it found only one item, and removed it. I then ran Spybot Search and Destroy twice. It came up clean. Prior to all this I had run Microsoft Security Essentials. It never found anything. My only issue now is that when I do a manual update for MSE, it takes forever, like 5 minutes when it should take maybe a minute. Then after the manual update, it never closes. I have to shut down the computer. Last evening I did another full scan with MSE. I stopped it after about two hours. Maybe it is me, but it looked like it was scanning the same folders somethimes. Now, prior to this I had tried to install Avast. It never really loaded properly. But if I open Windows Explorer, I see a few folders pertaining to Avast, but i can't delete them. When I try, I get a message that "the file may be in use" etc, or something like that. Avast does NOT appear in Add / Remove programs, so I can't remove it that way. I then Googled "Remove Avast' and found and downloaded a program to delete it. I will try to remove Avast this evening. Hopefully when I remove Avast, MSE will work better. Any other suggestions to try ?? Any other anti malware programs I should download and run, before I feel confident that all the viruses/ trojans, malware are removed ?? Many thanks. I think I am almost finished.

#9
mike13

mike13

    Member

  • Member
  • PipPip
  • 155 posts
  • Joined 25-June 02
  • OS:Windows 7 x64
  • Country: Country Flag
Update---I ran that Avast uninstaller, and all seems good now. When I do that manual update for MSE, it only takes about a minute now instead of over 5 like before. I then ran a full scan with MSE and it only took about 45 minutes instead of close to three hours. So I guess Avast was causing the problem. I then searched the malware section that Tarun has. (PC cleanup). I downloaded and ran Eset, Trendmicro, and Kasperski. Eset found two more worms and cleaned them. So I guess I should be clean now. I wish all these antivirus developers, and anti-malware developers would get together and develope one super program that would get rid of everything instead of running many programs etc, but that will never happen. Well, thanks for the help and suggestions. Great site !!!!! Mike




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users