Computer Virus?

[Mark Twain]

I have a Dell XPS 8500, with Windows 7 Professional, SP1,
with Spywareblaster, SuperAntiSpware, Malwarebytes, Avast,
Windows Defender and Windows firewall.

(1) TB HD
Intel (R) Core (TM) i7-33-3770 CPU @ 3.40 GHz 3.40 GHz
Ram 12.0 GB
System type : 64-bit operating system


I have also have a Dell Dimension 8200 with XP, SP3, with
Spywareblaster, , SuperAntiSpware, Avast, Malwarebytes and
Windows firewall.

Seagate Barracuda 7200 HD 160Gb
System type: 32-bit operating system


Regarding the Dell 8500, on the User Account; yesterday
and today my Administrator sign-on dialog box appeared
requesting permission for Java update which I closed,then
the Java icon moved to the system tray to the right and
disappeared.

I have had (3) malware/virus warnings lately that Avast
blocked but I was on eBay, Yahoo and once I wasn't even
on a browser page and it happened! I ran scans afterwards
but they've come up clean.

I checked Java for updates but couldn't find anything.

Then this happened twice after checking for updates:

Thoughts/suggestions,
Robert

 

[Paul]

I have a Dell XPS 8500, with Windows 7 Professional, SP1,
with Spywareblaster, SuperAntiSpware, Malwarebytes, Avast,
Windows Defender and Windows firewall.

(1) TB HD
Intel (R) Core (TM) i7-33-3770 CPU @ 3.40 GHz 3.40 GHz
Ram 12.0 GB
System type : 64-bit operating system


I have also have a Dell Dimension 8200 with XP, SP3, with
Spywareblaster, , SuperAntiSpware, Avast, Malwarebytes and
Windows firewall.

Seagate Barracuda 7200 HD 160Gb
System type: 32-bit operating system


Regarding the Dell 8500, on the User Account; yesterday
and today my Administrator sign-on dialog box appeared
requesting permission for Java update which I closed,then
the Java icon moved to the system tray to the right and
disappeared.

I have had (3) malware/virus warnings lately that Avast
blocked but I was on eBay, Yahoo and once I wasn't even
on a browser page and it happened! I ran scans afterwards
but they've come up clean.

I checked Java for updates but couldn't find anything.

Then this happened twice after checking for updates:

Thoughts/suggestions,
Robert

The free version of MBAE, doesn't protect you against very much.
Which reduces the possibilities, in terms of what it is complaining
about.

http://www.malwarebytes.org/antiexploit/

Shields browsers and browsers add-ons
Shields Java

This article claims there are some sort of log files,
but apparently they don't want to give details. So I
cannot tell you what to expect, whether the files open
in Wordpad or Notepad or not.

https://helpdesk.malwarebytes.org/h...e-product-logs-for-Malwarebytes-Anti-Exploit-

Collect Logs for Windows XP
1. Click Start > My Computer
2. Double-click C:\ > Documents and Settings > All Users > Application Data
3. Look in Malwarebytes Anti-Exploit folder

Collect Logs for Windows Vista or higher
1. Click on Start
2. Click on Computer
3. Double-click C:\ > ProgramData
4. Look in the Malwarebytes Anti-Exploit folder

Paul

 

[Mark Twain]

I have a Dell XPS 8500, with Windows 7 Professional, SP1,

with Spywareblaster, SuperAntiSpware, Malwarebytes, Avast,

Windows Defender and Windows firewall.

(1) TB HD

Intel (R) Core (TM) i7-33-3770 CPU @ 3.40 GHz 3.40 GHz

Ram 12.0 GB

System type : 64-bit operating system


I have also have a Dell Dimension 8200 with XP, SP3, with

Spywareblaster, , SuperAntiSpware, Avast, Malwarebytes and

Windows firewall.

Seagate Barracuda 7200 HD 160Gb

System type: 32-bit operating system


Regarding the Dell 8500, on the User Account; yesterday

and today my Administrator sign-on dialog box appeared

requesting permission for Java update which I closed,then

the Java icon moved to the system tray to the right and


I have had (3) malware/virus warnings lately that Avast

blocked but I was on eBay, Yahoo and once I wasn't even

on a browser page and it happened! I ran scans afterwards

but they've come up clean.
I checked Java for updates but couldn't find anything.

Then this happened twice after checking for updates:

Thoughts/suggestions,

Robert

The free version of MBAE, doesn't protect you against very much.

Which reduces the possibilities, in terms of what it is complaining

about.



http://www.malwarebytes.org/antiexploit/



Shields browsers and browsers add-ons

Shields Java



This article claims there are some sort of log files,

but apparently they don't want to give details. So I

cannot tell you what to expect, whether the files open

in Wordpad or Notepad or not.



https://helpdesk.malwarebytes.org/h...e-product-logs-for-Malwarebytes-Anti-Exploit-



Collect Logs for Windows XP

1. Click Start > My Computer

2. Double-click C:\ > Documents and Settings > All Users > Application Data

3. Look in Malwarebytes Anti-Exploit folder



Collect Logs for Windows Vista or higher

1. Click on Start

2. Click on Computer

3. Double-click C:\ > ProgramData

4. Look in the Malwarebytes Anti-Exploit folder



Paul

Hello Paul,

It happened again today; my Administrator sign-on popped up and I
again declined and the Java update icon went to the system tray and disappeared.


I followed your links and instructions and opened the last file which
was a Text document(attached).

Robert

 

[Paul]

I have a Dell XPS 8500, with Windows 7 Professional, SP1,
with Spywareblaster, SuperAntiSpware, Malwarebytes, Avast,
Windows Defender and Windows firewall.
(1) TB HD
Intel (R) Core (TM) i7-33-3770 CPU @ 3.40 GHz 3.40 GHz
Ram 12.0 GB
System type : 64-bit operating system
I have also have a Dell Dimension 8200 with XP, SP3, with
Spywareblaster, , SuperAntiSpware, Avast, Malwarebytes and
Windows firewall.
Seagate Barracuda 7200 HD 160Gb
System type: 32-bit operating system
Regarding the Dell 8500, on the User Account; yesterday
and today my Administrator sign-on dialog box appeared
requesting permission for Java update which I closed,then
the Java icon moved to the system tray to the right and
disappeared.
I have had (3) malware/virus warnings lately that Avast
blocked but I was on eBay, Yahoo and once I wasn't even
on a browser page and it happened! I ran scans afterwards
but they've come up clean.
I checked Java for updates but couldn't find anything.

Then this happened twice after checking for updates:

Thoughts/suggestions,
Robert

The free version of MBAE, doesn't protect you against very much.

Which reduces the possibilities, in terms of what it is complaining

about.



http://www.malwarebytes.org/antiexploit/



Shields browsers and browsers add-ons

Shields Java



This article claims there are some sort of log files,

but apparently they don't want to give details. So I

cannot tell you what to expect, whether the files open

in Wordpad or Notepad or not.



https://helpdesk.malwarebytes.org/h...e-product-logs-for-Malwarebytes-Anti-Exploit-



Collect Logs for Windows XP

1. Click Start > My Computer

2. Double-click C:\ > Documents and Settings > All Users > Application Data

3. Look in Malwarebytes Anti-Exploit folder



Collect Logs for Windows Vista or higher

1. Click on Start

2. Click on Computer

3. Double-click C:\ > ProgramData

4. Look in the Malwarebytes Anti-Exploit folder



Paul

Hello Paul,

It happened again today; my Administrator sign-on popped up and I
again declined and the Java update icon went to the system tray and disappeared.


I followed your links and instructions and opened the last file which
was a Text document(attached).

Robert

So the mbae-service text file is just keeping a
log of the service executable itself. Noting
when it started and so on.

There are two other files you could look at.
The mbae-alert text file looks pretty short, so
perhaps it has a log of events that happened.

The mbae-default file is pretty large, and it's hard to
guess what might be stored in there. It claims to be
a text file as well.

Paul

 

[Mark Twain]

Mark Twain wrote:

I have a Dell XPS 8500, with Windows 7 Professional, SP1,
with Spywareblaster, SuperAntiSpware, Malwarebytes, Avast,
Windows Defender and Windows firewall.
(1) TB HD
Intel (R) Core (TM) i7-33-3770 CPU @ 3.40 GHz 3.40 GHz
Ram 12.0 GB
System type : 64-bit operating system
I have also have a Dell Dimension 8200 with XP, SP3, with
Spywareblaster, , SuperAntiSpware, Avast, Malwarebytes and
Windows firewall.
Seagate Barracuda 7200 HD 160Gb
System type: 32-bit operating system
Regarding the Dell 8500, on the User Account; yesterday
and today my Administrator sign-on dialog box appeared
requesting permission for Java update which I closed,then
the Java icon moved to the system tray to the right and
disappeared.
I have had (3) malware/virus warnings lately that Avast
blocked but I was on eBay, Yahoo and once I wasn't even
on a browser page and it happened! I ran scans afterwards
but they've come up clean.
I checked Java for updates but couldn't find anything.

Then this happened twice after checking for updates:

Thoughts/suggestions,
Robert


The free version of MBAE, doesn't protect you against very much.

Which reduces the possibilities, in terms of what it is complaining

about.



http://www.malwarebytes.org/antiexploit/



Shields browsers and browsers add-ons

Shields Java



This article claims there are some sort of log files,

but apparently they don't want to give details. So I

cannot tell you what to expect, whether the files open

in Wordpad or Notepad or not.



https://helpdesk.malwarebytes.org/h...e-product-logs-for-Malwarebytes-Anti-Exploit-



Collect Logs for Windows XP

1. Click Start > My Computer

2. Double-click C:\ > Documents and Settings > All Users > Application Data

3. Look in Malwarebytes Anti-Exploit folder



Collect Logs for Windows Vista or higher

1. Click on Start

2. Click on Computer

3. Double-click C:\ > ProgramData

4. Look in the Malwarebytes Anti-Exploit folder



Paul

Hello Paul,
It happened again today; my Administrator sign-on popped up and I

again declined and the Java update icon went to the system tray and disappeared.


I followed your links and instructions and opened the last file which

was a Text document(attached).

Robert

So the mbae-service text file is just keeping a

log of the service executable itself. Noting

when it started and so on.



There are two other files you could look at.

The mbae-alert text file looks pretty short, so

perhaps it has a log of events that happened.



The mbae-default file is pretty large, and it's hard to

guess what might be stored in there. It claims to be

a text file as well.



Paul

Here are the two other Text files:

The only time I received Anti-Exploit messages was when I checked
Java for updates. Otherwise it hasn't appeared. The real issue
is how do I stop the administrator pop-ups ?

Thanks,
Robert

 

[Paul in Houston TX]

Here are the two other Text files:

The only time I received Anti-Exploit messages was when I checked
Java for updates. Otherwise it hasn't appeared. The real issue
is how do I stop the administrator pop-ups ?

Thanks,
Robert

Do you need Java?
If not, then delete it using control panel.
Don't allow it to reinstall if you don't need it.

 

[Paul]

Here are the two other Text files:

The only time I received Anti-Exploit messages was when I checked Java
for updates. Otherwise it hasn't appeared. The real issue
is how do I stop the administrator pop-ups ?
Thanks,
Robert

Do you need Java?
If not, then delete it using control panel.
Don't allow it to reinstall if you don't need it.

If you want to keep Java (and there are few good
reasons to do that...) then

.... if MBAE is blocking and preventing the Java 7 updater
from running, you can try installing a later Java 7 manually.

On this page, I can see a couple possible downloads. The first
is the offline (i.e. complete package) installer for a 32 bit OS.
The second link is for a 64 bit Windows OS.

http://www.oracle.com/technetwork/java/javase/downloads/jre7-downloads-1880261.html

Windows x86 Offline 28.11 MB jre-7u72-windows-i586.exe
Windows x64 29.6 MB jre-7u72-windows-x64.exe

You have to click the "Accept License Agreement" radio button,
before the download can begin. I can't give you a direct link,
without you having to agree to the license terms. Don't get
your Java update off CNET or other giant toolbar factory.
The offline installer, is *supposed* to be the clean one.
As far as I know, both the listed ones above, are offline type
(based on file size and file extension).

*******

Once Java is updated, check the version of MBAE. The latest
version is 1.04 from September 2014 (mentioned at the bottom
of the page).

https://forums.malwarebytes.org/index.php?/topic/132660-malwarebytes-anti-exploit-history-updates/

I was not able to find any references to Java Updater getting
stopped. And I don't know what that means exactly. I have
lots of problems finding stuff with search engines - I can
stop searching for the day, and find what I need the very
next day on the very first search. Very annoying.

Paul

 

[Mark Twain]

Hello Paul,

I deleted Java, so we'll see if that has
any effect on the pop-up tomorrow.

Thanks,
Robert

 

[Mark Twain]

Hello Paul,


I've logged back in and so far no Administrator
pop-up's requesting permission for a Java update.

In passing I have SuperAntiSpyware installed and
the last few days it has given me a message that
a newer version is available. Naturally, I'm a bit
gun shy at this point and have declined it each time.

Given that I have it installed do you think it's safe
to do this?

Thanks,
Robert

 

[Paul]

Hello Paul,


I've logged back in and so far no Administrator
pop-up's requesting permission for a Java update.

In passing I have SuperAntiSpyware installed and
the last few days it has given me a message that
a newer version is available. Naturally, I'm a bit
gun shy at this point and have declined it each time.

Given that I have it installed do you think it's safe
to do this?

Thanks,
Robert

The article about it is pretty weird.

http://en.wikipedia.org/wiki/Superantispyware

It seems to get code release updates pretty often.
The version number changed to Version 6 on 07/29/2014.

http://www.superantispyware.com/producthistory.html?id=SUPERANTISPYWARE

The definitions file is updated daily.

http://superantispyware.com/definitionupdatehistory.html

The new code is on this page.

http://superantispyware.com/download.html

I'm guessing it gets the Definition Updates all by itself,
because I cannot find a download page for those.

Can you still get the SuperAntiSpyware program interface to
appear on the screen ? Maybe you're supposed to do the code
update from there ? I don't see any signs they use CNET
for distribution. The files should be coming from their
web site.

Paul

 

[Buffalo]

"Mark Twain" wrote in message

Hello Paul,


I've logged back in and so far no Administrator
pop-up's requesting permission for a Java update.

In passing I have SuperAntiSpyware installed and
the last few days it has given me a message that
a newer version is available. Naturally, I'm a bit
gun shy at this point and have declined it each time.

Given that I have it installed do you think it's safe
to do this?

Thanks,
Robert

I use the Frree version of SAS and I let it upgrade to the latest program
version 6.0.1158 and it is working without a hitch on my Win7HP SP1 64bit
OS.
I also update the definitions through its own program. You can also dl and
install the def by dl' directly from their website
http://www.superantispyware.com/definitions.html.
I think it is working well and it seems to scan a lot quicker in the
Complete Scan mode, esp after doing it once.
I have used SAS for many years.
I do have the pd version on a laptop running WinXP and it runs fine with the
new version of SAS.

 

[Mark Twain]

Hello Paul,

It appears that I have the latest version:

I also manually check for updates on a regular basis.

So if I have the latest version and I check for
updates why am I getting the message? Perhaps it's
their advertizing to upgrade to their pay version?

Thanks,
Robert

 

[Paul]

Hello Paul,

It appears that I have the latest version:

I also manually check for updates on a regular basis.

So if I have the latest version and I check for
updates why am I getting the message? Perhaps it's
their advertizing to upgrade to their pay version?

Thanks,
Robert

Since that program is an "on-demand" scanner (requires
manual invocation by you), should there even be code
running for it right now ?

If the tool doesn't do automated updates (only available
on the paid version), about the only reason it should be
checking for updates, is to convince you to apply updates
manually.

I would open Task Manager (control-alt-delete or right-click
on Task Bar at the bottom), and see what processes are running.
And see if one of the processes is from SAS. Another possibility,
is the entry doing it, can be seen when using the Autoruns
program. It could be, that SAS runs something during Startup,
and that is where the dialog box is coming from.

Paul

 

[Buffalo]

"Mark Twain" wrote in message

Hello Paul,

It appears that I have the latest version:

I also manually check for updates on a regular basis.

So if I have the latest version and I check for
updates why am I getting the message? Perhaps it's
their advertizing to upgrade to their pay version?

Thanks,
Robert

Open up SAS and go to System Tools and Preferences and uncheck what you
don't want. If you only want it to run when you select it, don't check Run
in the Background (this keeps it running and will make it come up a lot
quicker when you need it. Do you need this to happen, I don't think so).and
read the rest of the choices.

 

[Mark Twain]

This is what Task Manager shows:

I followed Buffalo's suggestion and I did have
'Run in the Background' checked which I unchecked.

Thanks
Robert

 

[Paul]

This is what Task Manager shows:

I followed Buffalo's suggestion and I did have
'Run in the Background' checked which I unchecked.

Thanks
Robert

Since the free version does not provide "real time protection",
there is no reason for it to "run in the background". The
only thing it can do there, is inform you of updates. Just
opening the program once in a while, should be enough to
learn of updates.

Paul

 

[Mark Twain]

I want to thank you and Buffalo for all your
time, help and always good advice and comments.


Thanks,
Robert