Follow up from installing malwarebytes

[Val wish Id never started]

I installed the paid for version and it found a lot of trojans etc, since then it suddenly says its blocked something? today it was Trojan.midhos ?? I am wondering what that is and why isn't microsoft essentials blocking it ???

[fran]

Can't answer your question,but will be interested in any replies because had the same problem on the same day you did.I took mine to the local computer shop and they fixed it for me and put Malwarebytes on for me.I presume it is the free version and I understand that the paid for version will be better.The whole business gave me a fright I can tell you!
Fran

[Val wish Id never started]

Bet they charged an arm and a leg Fran ??? I must admit I did panic a bit when I saw it as it looked so genuine , and it
wouldn't let me do anything at all.
The paid for Malwarebytes is £19 but thats forever and if you change PCs you can put it on the other one ,I think thats a bargain.
Have you had any warnings on yours today ???

[Val wish Id never started]

am now getting script errors ??? then malware blocked ip address 91.218.121.57 which seems to be from the USA and is called COOLVDS ??? what on earth is going on

[fran]

It cost me £20 Val,but as I was in a state of panic it was worth it!.I think I am going to pay for the "proper" version.This one has updated twice,but that is all I know about it.When it first happened I thought to scan with avg,but then discovered that it(avg) had disappeared,so I felt that I was left helpless.
Fran

[fran]

I've just had a closer look and mine is a trial version.I ran a scan and it detected 3 things.Trojan Midhos-file,Trojan Midhos-requistry value and Root Kit.OAccess.H file.I had to then restart the computer and it said that there was a problem starting AppData/roaming/cosap.dll.When I started writing this I was notified about something malicious that had been stopped.
All a mystery to me.I just hope it is preventing further problems.
Fran

[Val wish Id never started]

well since I installed malwarebytes windows essentials wont update the virus definitions????and I cant get windows automatic updates to work????

[TrevorFranklin]

MalwareBytes should work easily with Windows Essentials, but it may be that it is detecting actions as possible malware threts and blocking them.
This was an issue for users with Windows XP, but I have not heard of it happening with ista or Windows 7.

To tell MalwareBytes to ignore Microsoft Security Essentials in Windows

• Open MalwareBytes
• Click the Ignore List tab
• Click Add
• A “Browse” window will open showing your computer’s contents. Navigate to your Programs Files folder and select the Microsoft Security Client and click OK
• You’re done with this part. You should see the folder in your ignore list, and you can now exit

To tell Microsoft Security Essentials to ignore MalwareBytes

Open Microsoft Security Essentials

• Click on the Settings tab
• Click on the Excluded Files and Locations item on the left
• Click Browse
• A “Browse” window will open showing your computer’s contents. Navigate to your Program Files and select the MalwareBytes AntiMalware folder and click OK
• Click on the Excluded Processes item on the left
• Click Browse
• A “Browse” window will open showing your computer’s contents. Navigate to your Program FilesMalwareBytes AntiMalware folder
  
  • Select “mbam.exe” and click OK
  • Browse again and this time select “mbamservice.exe” and click OK
  • Browse again and this time select “mbamgui.exe” and click OK
  
  
• Click Save Changes and you are done

[TrevorFranklin]

The trial version will not stop the problems, only detect them after you have become infected and do a manual scan
When purchased, it is scanning in the background all the time and blocks any known or suspected activities when visiting websites etc.

Trojan Midhos is a backdoor Trojan, it infects PCs by sneaking into them through networks. This usually happens after a user follows some weblinks on an infected page or simply accepts unknown file transfer proposal.
The mention of the rootKit infection is where the virus runs itself at the same time that your operating systems starts, which is before any of your actual antivirus etc loads, this allows it to de-activate your antivirus and stop itself being deleted, so you are lucky that MWB was able to remove it. Normally a rootkit removal needs detailed knowledge to remove them.

It's a nasty world out there on the net and only getting worse

If the version you had was registered, it would have detected the rogue links in the site that you had visited and stopped you being infected

[TrevorFranklin]

am now getting script errors ??? then malware blocked ip address 91.218.121.57 which seems to be from the USA and is called COOLVDS ??? what on earth is going on

The program is doing what it is supposed to.
detecting links to known or suspicious sites and blocking them