Over 1 million tech questions and answers.

Burito.exe/Braviax.exe/Karina.net/IRC.BOT/antivirus-2008 pro/antivirus-2008

Q: Burito.exe/Braviax.exe/Karina.net/IRC.BOT/antivirus-2008 pro/antivirus-2008

These are just a few things that were found on my computer, have no idea how it got so out of control.
I worked all day trying to get rid of all of these and finally succeeded by running and updating antivirus/Spyware detector and then rebooting in safe mode, while doing this many times I recieved "blue screen" and sometimes it was fake and sometimes it was real, if I pressed ESC I knew it was a fake screen.
Eventually it let me stay on long enough to get rid of everything
But I'm still getting the FAKE blue screen so could someone take a look at my highjackthis log please


Logfile of HijackThis v1.99.1
Scan saved at 10:33:46 PM, on 8/4/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Rogers\Update Manager\RogersUpdateManager.exe
C:\Program Files\SpywareDetector\SDActiveMonitor.exe
C:\Program Files\SpywareDetector\SDService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0seenus/saos01
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\common\YIeTagBm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [SDAutoLiveupdate] C:\Program Files\SpywareDetector\LiveUpdateSD.exe -AUTO
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] c:\program files\msn messenger\msnmsgr.exe /background
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} (PogoWebLauncher Control) - http://www.pogo.com/cdl/launcher/Pog...rInstaller.CAB
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/...oUploader2.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/...toUploader.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramewor...o.cab56649.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Regi...18/flashax.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Object) - https://fortunelounge.microgaming.co...c/FlashAX2.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: SDNotify - C:\Program Files\SpywareDetector\SDNotify.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: tfnslopk - {0267CEBF-C14E-4DB4-A50A-47ECD84FD8AE} - C:\WINDOWS\tfnslopk.dll (file missing)
O21 - SSODL: xokvrpwg - {C4489E08-E4A9-4192-95E5-2645FECFB083} - C:\WINDOWS\xokvrpwg.dll (file missing)
O21 - SSODL: wnslvxtf - {5DFE576E-BA0E-48AB-8225-54EC5FDB0569} - C:\WINDOWS\wnslvxtf.dll (file missing)
O21 - SSODL: eqvwamkl - {2E0C313E-061F-4146-A103-400C2BD4E704} - C:\WINDOWS\eqvwamkl.dll (file missing)
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: GoToAssist - Unknown owner - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe" Start=service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe (file missing)
O23 - Service: Rogers Update Manager (RogersUpdateManager) - Rogers Cable Communications - C:\Program Files\Rogers\Update Manager\RogersUpdateManager.exe
O23 - Service: SDService - Max Secure Software - C:\Program Files\SpywareDetector\SDService.exe

Thanks for reading

Read other answers
RELEVANCY SCORE 200
Preferred Solution: Burito.exe/Braviax.exe/Karina.net/IRC.BOT/antivirus-2008 pro/antivirus-2008

I recommend downloading and running DAP. It can help sort out any driver and firmware related issues on your system

It's worked out well for many of us in the past.

You can download it direct from this link http://downloaddap.org. (This link will open the download page of DAP so you can save a copy to your computer.)

RELEVANCY SCORE 119.6

{{{ how do i get it off my computer }}} the malwarebytes' anti-malware didnt work

XP Antivirus 2008, XP Antivirus 2009, and XPAntiVirus are rogue antivirus programs that, when run, display false results as a tactic to scare you into purchasing the software. Older versions of XP Antivirus would create 9 entries in your Windows Registry that impersonate infections on your machine. In reality, though, these registry entries were harmless and had absolutely no effect on your computer. Instead, these entries were set so that XP AntiVirus can find them when scanning your computer and report them as infections. The newer of versions of the program , such as XP Antivirus 2008 and XP Antivirus 2009, instead just display false results when scanning your computer that state infections were found. In order to remove these fake infections, though, you would first need to purchase the software as the trial does not allow you to remove them.

While running, XP Antivirus will also display fake alerts stating that you are infected or under attack from some type of threat. These alerts are fake and can be ignored. If you do click on the alert, though, it will prompt you to purchase the software. Examples of text contained in these alerts can be found below.

Privacy Violation alert!
XP antivirus detected Privacy Violation. Some program is secretly sending your private data to untrusted internet host. Click here to block this activity by removing threats (Recommended).

o... Read more

A:XP Antivirus 2008, XP Antivirus 2009, and XPAntiVirus are rogue antivirus programs that, when run, display false results as a t...

There are indeed a lot of those rogues out there, with the one and only scope of scaring you into buying their product.Unfortunately they get harder and harder to remove.For a list of removal guides for the latest rogues, see hereI am moving this topic to a more appropriate forum

Read other 1 answers
RELEVANCY SCORE 114

Hello, my wife was downloading a "David Cook Video" from some unknown website. She screamed when all of these pop-ups came up. I closed them out and ran AVG 8. It was unable to remove the virus. Then the desktop went blue and the system kept trying to restart but could not, another blue screen came up with white text. I was able to restart in safe mode. I have 2 new items on my desktop XP antivirus 2008 and Malware Protector 2008. Thanks in advance for your help.

I have posted my System Scanner file below and will attach my Active Scan and Extra.txt file.



Deckard's System Scanner v20071014.68
Run by Compaq_Owner on 2008-07-08 09:04:00
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 3 Restore Point(s) --
3: 2008-07-08 13:04:04 UTC - RP4 - Deckard's System Scanner Restore Point
2: 2008-07-08 11:41:55 UTC - RP3 - Last good restore point
1: 2008-07-08 11:41:33 UTC - RP2 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Compaq_Owner.exe) ----------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:08:20 AM, on 7/8/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Run... Read more

A:Antivirus XP 2008 and Malware Protector 2008

Bump.

Read other 12 answers
RELEVANCY SCORE 112.4

Hi Moderators,

I got infected with the CNN pop-up even though I had McAfee. Thanks to your site I was able to remove it and a host of others that McAfee ' so called Security Centre could not.

My first question is -
What does the term" quarintine" on the display log?

How can I now remove the Antivirus XO 2008 and Register Antivirus 2008 Icons from my Start - Logon/Off window?

I have Windows XP and a "Compaq" computer.

Thanks you.

A:Antivirus Xp 2008/register Antivirus 2008

When an anti-virus quarantines a file by moving it into a virus vault (chest), that file is essentially disabled and prevented from causing any harm to your system. The quarantined file is safely held there and no longer a threat until you take action to delete it. One reason for doing this is to prevent deletion of a crucial file that may have been flagged as a "false positive". If that is the case, then you can restore the file and add it to the exclusion or ignore list. Doing this also allows you to view and investigate the files while keeping them from harming your computer. Quarantine is just an added safety measure. When the quarantined file is known to be bad, you can delete it at any time.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself.Press the OK button to close that box and continue.If you encounter any problems while downloading the updates, manually download th... Read more

Read other 1 answers
RELEVANCY SCORE 110

I am in need of some MAJOR help.... this is my daughters computer and is majorlly infected....


ComboFix 08-06-20.4 - Cat 2008-06-25 19:49:27.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.482 [GMT -4:00]
Running from: C:\Documents and Settings\Cat\Desktop\ComboFix.exe
* Created a new restore point
* Resident AV is active


WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Desktop\Malware Protector 2008.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Malware Protector 2008
C:\Documents and Settings\All Users\Start Menu\Programs\Malware Protector 2008.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Malware Protector 2008\How to Register Malware Protector 2008.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Malware Protector 2008\License Agreement.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Malware Protector 2008\Malware Protector 2008.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Malware Protector 2008\Register Malware Protector 2008.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Malware Protector 2008\Uninstall.lnk
C:\Documents and Settings\b\Favorites\Online Security Test.url
C:\Documents and Settings\Cat\Application Data\AXPDefender
C:\Documents and Settings\Cat\Application... Read more

A:Malware 2008 / Antivirus XP 2008 HELP PLEASE!!!!

Deckard's System Scanner v20071014.68
Run by Cat on 2008-06-25 20:23:46
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-06-25 20:23:58
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTSVCCDA.EXE
C:\WINDOWS\ehome\ehrecvr.exe
C:\WINDOWS\ehome\ehSched.exe
C:\Program Files\Trend Micro\Internet Security 12\PcCtlCom.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\Internet Security 12\Tmntsrv.exe
C:\Program Files\Trend Micro\Internet Security 12\tmproxy.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Trend Micro\Internet Security 12\TmPfw.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\syste... Read more

Read other 17 answers
RELEVANCY SCORE 110

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 21:37: VIRUS ALERT!, on 8/27/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\SYSTEM32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\Program Files\Common Files\Virtual Token\vtserver.exeC:\WINDOWS\System32\ibmpmsvc.exeC:\WINDOWS\System32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\QCONSVC.EXEC:\Program Files\Sandboxie\SandboxieServer.exeC:\Program Files\Analog Devices\SoundMAX\SMAgent.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\TPHDEXLG.EXEC:\WINDOWS\system32\TpKmpSVC.exeC:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exeC:\WINDOWS\SYSTEM32\Ati2evxx.exeC:\WINDOWS\Explorer.exeC:\Program Files\Microsoft IntelliPoint\point32.exeC:\WINDOWS\system32\rundll32.exeC:\Program Files\Java\jre1.6.0_04\bin\jusched.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files... Read more

A:Antivirus Xp 2008, Antispyware 2008 Xp

Hello. I am PropagandaPanda (Panda or PP for short) and I will be helping you with your log.I will need some time to look over your computer's log(s). I am still in training, so my responses to you must be checked by a coach.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here. Please take note of a few guidelines for this fix:Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools. Doing so could cause changes to the directions I have to give you and prolong the time required. Further more, you should not be taking any advice relating to this computer from any other source throughout the course of this fix.If you do not understand any step(s) provided, please do not hesitate to ask. I would much rather clarify instructions or explain them differently than have something important broken.Even if things appear to be better, it may not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean". We do not want to clean you part-way, only to have the system re-infect itself. Finally, please reply using the button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directl... Read more

Read other 9 answers
RELEVANCY SCORE 108.4

Hi all,I have a PC with a 2.6 GHZ CPU, 1.5 GB RAM, a 250 GB internal C drive, 80 GB internal D drive and 2 external drives which were detached when the virus hit. I am running Windows XP Home with SP2. I use Panda Internet Security and Spybot S&D. Last week, I was hit with Antivirus 2008 Pro which crippled my PC for a couple days until I thought I had gotten rid of it with SpyHunter. It came back the next day and morphed into XPAntivirus, which also took a couple days to get off. Panda and Spybot didn't find anything when I ran them so I ended up using both Spyhunter and Spyware Doctor as well as SmitFraudFix and a couple of websites that listed files, directories, and registry keys that had to be deleted AND doing a complete clean install of XP after transferring all my relevant files over to an external drive. I finally got it off and was clean for almost a week until the night before last. I was trying to find a free PDF converter program for a friend of mine. I found PrimoPDF (not on the maker's website, unfortunately) and when I clicked on the install program, my computer restarted. When it came back on, I had the red alert message from Windows Automatic Updates which said that my updates were not turned on. When I tried to turn them on, the control panel said they were turned on but the red alert wouldn't go away and I couldn't go to the Microsoft update site manually. Also, error messages involving DLL files came up -- ubijcvin.dll and ijjcvslw.dll -- sayi... Read more

A:Infected By Antivirus 2008 Pro, Then Xpantivirus, And Now Antivirus 2009. . .

Hello Stacy and welcome to BleepingComputer,1. * Clean your Cache and Cookies in IE:Close all instances of Outlook Express and Internet Explorer Go to Control Panel > Internet Options > General tabUnder Browsing History, click Delete. Click Delete Files, Delete cookies and Delete historyClick Close below.* Clean your Cache and Cookies in Firefox (In case you also have Firefox installed):Go to Tools > Options.Click Privacy in the menu..Click the Clear now button below.. A new window will popup what to clear.Select all and click the Clear button again.Click OK to close the Options window* Clean other Temporary files + Recycle bin Go to start > run and type: cleanmgr and click ok. Let it scan your system for files to remove. Make sure Temporary Files, Temporary Internet Files, and Recycle Bin are the only things checked.Press OK to remove them.2. Please visit this webpage for instructions for downloading and running ComboFix:http://www.bleepingcomputer.com/combofix/how-to-use-combofixPlease ensure you read this guide carefully and install the Recovery Console first (not for Windows Vista users !).The Windows Recovery Console will allow you to boot up into a special recovery mode, in case your computer has a problem after an attempted removal of malware. This allows us to help you. (WinXP SP3 users, please download the appropriate SP2 file, Home or Pro, to install the RC)In the event you already have Combofix, delete your current version and download the latest ... Read more

Read other 8 answers
RELEVANCY SCORE 106

Hello all, please help.
I have a gateway FX laptop with vista that is two months old. I have Symantec newly installed. I ran a file that I probably shouldn't have and got zapped. I get continuous warnings and popus telling me to run scans. Then I get a popup scan window and advetrisements for MS Antivirus 2008, Vista Antivirus 2009, and other antivirus programs. I also get a ppcsx.exe window in startup, and two self resurrecting links to BDSM Extreme F%CK a T1Ts and A$$. Please help. what should I do? DO i need to download HJT? I have already done a full symantec scan to no effect. Please help.

A:Ms Antivirus 2008 / Vista Antivirus 2009

Welcome to BleepingComputerLet's try 2 different things before we worry about HijackThishttp://www.bleepingcomputer.com/forums/ind...st&p=876163Run a scan with MBAM and post the log pleasealso scan with norton's from safe modehttp://www.malwareremoval.com/tutorials/safemodeboot.php

Read other 7 answers
RELEVANCY SCORE 103.2

Hi ppl. Nedd help getting these out of my system urgently. Can anyone help?:

A:burito.exe and karina.dat

Hi, welcome to tsf!

You're using an older version of Hijackthis. Please uninstall the older version via control panel > add/remove programs

Please click Here to download HijackThis to your desktop.

Click the Download button. When the Trend Micro HJT install box appears, double click on the HJTInstall.exe. Click on Install.

It will be installed by default here: C:\Program Files\Trend Micro\HijackThis

A shortcut to the application will also be placed on your Desktop.

The program will open automatically after installation.

You can double-click the icon that was placed on the Desktop to run subsequent HijackThis scans or you can use the icon inside the folder. The folder HijackThis is where you will find the HJT logs that you save. When you use the application to remove anything, you will also find the backup copies made by HJT inside this folder.

Click on "Do a system scan and save logfile" When the log pops up in Notepad, copy and paste that file back here.

Read other 1 answers
RELEVANCY SCORE 98

Somehow - I have had a long period of no problems after last visiting this forum and putting in place a lot of the "safety" measures suggested - this AntiVirus XP2008 has taken over my PC.

The effects are numerous.

1) replaces "wallpaper"? with a blue background with an antivirus message
2) Takes over IE and continually tells you you are un protected. FireFox seems ok.
3) Puts up annoying messages at the bottom of the screen telling you are infected with virues and are unprotected
4) It seems to have disabled Symantec Anti Virus live updater
5) after a period of time it produces a fake "blue screen of death" which you can get out of by just hitting escape
6) if you mistakenly click on one of the annoying messages it tells your computer is infected and must buy ($49) AntiVirus XP 2008.
7)If you try and uninstall it it either does nothing or automatically reinstalls.

There are many more annoying things rendering the PC basically unusable except if you use firefox and do what i did by serendipity just before.

I have followed the 5 steps but the last step - Deckards program. Downloaded it to desktop but it dosen't seem to want to work. On checking this by looking at Windows task manager I saw lots of "suspicious" looking processes which i halted. Of course i did not write down their names. This seemed to clean up the machine and allow me to type this post. But Deckard still dosen't seem to work.

I assume that these p... Read more

Read other answers
RELEVANCY SCORE 98

Hey, just recently after playing some games, this XP Anti Virus 2008 was put onto my computer, along with an icon. It keeps coming up at start up, and I usually end the process manually. The Anti Virus 2008 XP has changed my background and made my computer considerably slower. I've downloaded and used Spyware Doctor, but that didn't help it. I've also tried to manually remove it by following some direction on the net, but they didn't work either, as some of the instructions that was posted ended up being different for me. Is there a different way to remove this spyware?

Other trojans are now being detected as well, such as Joke.Blusod.

Hijack this log file:

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\W... Read more

A:XP Antivirus 2008 help!!

UPDATE:

I just ran Spybot, and it found several infections that couldn't be deleted, namely Smitfraud-C.gp, Zlob.downloader, and couple more that I cannot remember (I ran spybot 2 days ago, and found no results). Over periods of time, my Symantec Anti Virus would pick up a trojan, and sometimes it would be cleaned by deletion, and other times it could not be deleted by Symantec.

Any solutions?

Thanks in advance
 

Read other 1 answers
RELEVANCY SCORE 98

We have a computer that was/is infected witht the AntiVirus 2008 XP malware. We used SDFix to remove it but now have a host of problems.

Symantec Endpoint Protection turns off.
Cannot remove Symantec as the Windows Installer service is not working properly (already tried to unregister, reload, reregister, etc.)
C++ Runtime error messages from the Symantec Scan process that starts at boot up.
Etc.
Etc.

I ran ComboFix and have the log for that.

Should I run HijackThis as well and post that log instead of ComboFix?

Read other answers
RELEVANCY SCORE 98

Downloaded the XP Antivirus 2008 in error and now I cannot remove it from system. I keep getting the Virus warnings...

Deckard's System Scanner v20071014.68
Run by Terry on 2008-03-15 21:34:25
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
40: 2008-03-16 02:34:45 UTC - RP1043 - Deckard's System Scanner Restore Point
39: 2008-03-15 21:32:41 UTC - RP1042 - AntiVir PersonalEdition Classic - 3/15/2008 16:32
38: 2008-03-15 18:39:50 UTC - RP1041 - AntiVir PersonalEdition Classic - 3/15/2008 13:39
37: 2008-03-15 08:00:28 UTC - RP1040 - Software Distribution Service 3.0
36: 2008-03-14 08:00:24 UTC - RP1039 - Software Distribution Service 3.0


-- First Restore Point --
1: 2008-02-12 07:19:46 UTC - RP1004 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 383 MiB (512 MiB recommended).


-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-03-15 21:39:30
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlo... Read more

Read other answers
RELEVANCY SCORE 98

Hi all,

Hallelujah for this forum!

My boss 'clicked' on an ad and also got this lovely piece of software on his machine. It is devious! The spyware, or problems caused by the spyware will not let me run many programs such as HijackThis or SpyBot Search and Destroy. Many programs that will run are unable to clean all of the files. I am unable to delete them even while in Safe Mode! The malware is not running in the task manager or any other process explorer I've used. Even while in Safe Mode without being connected to the Internet, if I can delete any of the offending files (thanks to an unlocking program I had to scour the internet to find), the files come right back within 5 minutes. How is this happening? Where is the source of this problem that I can't find it and shut it down?

I have not tried the malware bytes software you mentioned below - I am going to do that now and see if I can get any further than I have. I'd still like to know where this program is hiding that it can keep reinstalling itself in safe mode. I have a feeling I'm going to have to do this more often

Thanks,
Carrie

A:Antivirus Xp 2008

Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself.Press the OK button to close that box and continue.If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".Click OK to close the message box and continue with the removal process.Back at the main Scanner screen:Click on the Show Results button to see a list ... Read more

Read other 7 answers
RELEVANCY SCORE 98

so my dad went to an adult site and got a bad trojan virus that down loaded antivirus XP 2008. When i used my webroot spy sweeper to try and get rid of it once it gets to the virus infected folders it goes to a blue error screen telling me theres something wrong with my computer and it restarts..the virus has taken my background from me and gave me a all blue screen with a warning that my computer is infected and i need to download a antivirus and spysweeper to get rid of it. what do i do? BTW i have a windows XP

A:Antivirus Xp 2008

Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".Click OK to close the message box and continue with the removal process.Back at the main Scanner screen, click on the Show Results button to see a li... Read more

Read other 13 answers
RELEVANCY SCORE 98

I have been attacked by the virus "antivirus xp 2008" and can't get rid of it! I have downloaded the following programs but none have been able to remove it: spyware doctor, spyhunter, superantispyware, malwarebytes' and ad-aware 2007. I get the typical pop-ups saying I have viruses and need to download the "anitvirus xp 2008" program. My background is also a blue screen that says " you have a virus and need to download a program" I also get the horrible blue screen. I have also tried to manual remove it, but can't get it to work. When I do start-run-cmd i get the prompt C:/document and settings/owner. I can get it to c:/ but it won't find any of the .dll i need to delete. Please help with this problem...i am at a complete loss!!!

A:Antivirus Xp 2008

Welcome to bleeping computer cowgurlPardon me I was a 2 stepper long ago and far awaySpyhunter and adaware are pretty ineffective with these newer infectionsWould you run MBAM, ATF cleaner and SAS in the exact order specified in this postMake sure you update and install according to the directionshttp://www.bleepingcomputer.com/forums/ind...mp;#entry839950

Read other 1 answers
RELEVANCY SCORE 98

Hi everyone!
Just a quick reply to say thanks to everyone who post here. I has Antivirus 2008 insatall on one of my PCs so I knew what to do and came straight here for help. A quick search found the solution and all was fixed.
So thanks again and keep up the good work.

A:Antivirus 2008

Thanks for the kind words and you're welcome on behalf of the Bleeping Computer community.Now you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state. Then use Disk Cleanup to remove all but the most recently created Restore Point.Vista Users can refer to these links: Create a New Restore Point and Disk Cleanup.Tips to protect yourself against malware and reduce the potential for re-infection, be sure to read: ? "Simple and easy ways to keep your computer safe".? "How did I get infected?, With steps so it does not happen again!". ? "Best Practices - Internet Safety for 2008".? "Hardening Windows Security - Part 1 & Part 2".? "IE Recommended Minimal Security Settings" - "How to Secure Your Web Browser".? Avoid online gaming sites and peer-to-peer (P2P) or file sharing programs as they are a security risk which can make your system susceptible to a sm?rg?sbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans target and spread across P2P files sharing networks and gaming sites. In some in... Read more

Read other 1 answers
RELEVANCY SCORE 98

ok to start with i dont even know how it got on the computer in the first place. i found and removed it, i cant find any files of it left in the registry and non of the processes are running that are related to this program. but now when i restart my computer it only loads up the display/background imiage, to get past this i hit ctrl+alt+del and run mozilla>click tools>then downloads>right click and open the containing file. this for some reason coses the tool bar to come back and everything is running "ok" but i keep getting this "InstantShareDevices" keeps trying to auto install also get an error "1706.No valid source could be found for product InstantShareDevices. the windows installer cannot continue." after i click ok it just trys to re-run it.

also there is a error

Microsoft .NET Framework
An unhandled exception has occurred in a component in your application. Click to continue and application will ignore this error and attempt to continue.
Object reference not set to an instance of an object.

it has a details drop down box

See the end of this message for details on invoking
just-in-time (JIT) debugging instead of this dialog box.

************** Exception Text **************
System.NullReferenceException: Object reference not set to an instance of an object.
at HP.CUE.Video.PlaybackControl.UpdateProgressBar()
at HP.CUE.Video.PlaybackControl._ProgressTimer_Tick(Object sender, EventArgs e)
at System.Windows.Forms.Timer.OnTic... Read more

A:need some help with antivirus 2008

Read other 6 answers
RELEVANCY SCORE 98

Antivirus 2008 continuously sends me pop ups. Haven't been able to find a way to uninstall this *bleeping* program - well, spyware, virus, whatever it's called. Please help if possible.

I'm running Windows XP Service Pack 2 on a Dell Computer.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:01:54 PM, on 05/14/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Pro... Read more

Read other answers
RELEVANCY SCORE 98

My desktop is infected with antivirus 2008. I had a friend try to manually uninstall it but he was unable to do so. I know the re are a number of sites that offer removal but I don't know which one to try. Unfortunately I can't get on the new with the infected computer. I did try to download a viruis removal tool from this site and saved it to a thumb drive but was unable to open it on the infected computer. I'm am not that proficient with computers so please try to keep it simple. Thanks in advance

A:antivirus 2008

Can you download anything from the internet?If you can, please do the following.Please follow the instructions in the link below for Malwarebytes, as posted by Quietman7, then post the log in your next reply.http://www.bleepingcomputer.com/forums/ind...t&p=1001350If you can't download anything onto that computer, please notify in your next post.

Read other 4 answers
RELEVANCY SCORE 98

When I was online the XP Antivirus popped up and said I had infections on my computer.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 7:40:17 PM, on 3/30/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\acs.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\PROGRA~1\Grisoft\AVG7\avgcc.exeC:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exeC:\WINDOWS\Imgtask.exeC:\Program Files\Messenger\msmsgs.exeC:\Program Files\XP Antivirus\xpa.exeC:\Program Files\D-Link\AirPlus G Wireless Adapter Utility\AirPlus.exeC:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exeC:\PROGRA~1\Grisoft\AVG7\avgamsvr.exeC:\PROGRA~1\Grisoft\AVG7\avgupsvc.exeC:\PROGRA~1\Grisoft\AVG7\avgemc.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeC:\Program Files\Trend Micro\Hij... Read more

A:Xp Antivirus 2008

Apologies for the delay in replying, but the forums have been overwhelmed with HIjackThis logs lately. If you still need help, please post back with a new HijackThis log, along with an update of the problems you are currently experiencing.

Read other 2 answers
RELEVANCY SCORE 98

Can someone help me get rid of this XPAntivrus 2008 that I have accidently put on my pc? It keeps coming up every couple of minutes, and it's annoying.

A:XP Antivirus 2008

Please follow directions HERE

Read other 1 answers
RELEVANCY SCORE 98

Hi, I'm brand new. This is my first post. I'm not sure if this is where I'm supposed to post.I stayed up all night getting rid of lots of bad things on my computer, and I'm not sure if I removed everything. AVG said I had Trojan Horse Agent.ZAK. I also noticed that I had Antivirus XP 2008. I always wondered where it it came from because I never installed it. The first thing I did was use Spybot-Search and Destroy. It did not remove either. I googled for help on both and came across a step by step post by Grinler, on this site, to remove Antivirus XP 2008. It worked, I think. And AVG eventually removed that trojan. (Thank you, Grinler, for that awesome step by step!)I ran Spybot-Search and Destroy, Malwarebytes'-Anti-Malware, and AVG Anti-Virus. I rebooted when told to. The 3 programs said I was cleaned up. ( I had a lot of infections, yikes!) All 3 detected different threats! I'm glad I ran them.The reason I'm not sure if the Antivirus XP 2008 is totally removed is because when I click the start button, that window slides up and I see Antivirus XP 2008, and I also see Register Antivirus XP 2008 there. I believe that they are shortcuts. When I right click them, the window opened and I chose Scan with Malwarebytes' Anti-Malware. It said nothing detected. So can I right click them and choose the Remove from this list? I'm not very good with computers. I hope I explained well enough. My brain is foggy...I only slept 2 hours. Than... Read more

A:Antivirus Xp 2008

So can I right click them and choose the Remove from this list?Yes.Also you can post the results of your MBAM scan for my review.Launch MBAM.Click the Logs Tab at the top.mbam-log-7-18-2008(09-52-04).txt should show in the list. <- your dates will be different from this exampeClick on the log name to highlight it.Go to the bottom and click on Open.The log should automatically open in notepad as a text file.Go to Edit and choose Select all.Go back to Edit and choose Copy or right-click on the highlighted text and choose copy from there.Come back to this thread, click Add Reply, then right-click and choose Paste.

Read other 12 answers
RELEVANCY SCORE 98

My friend's computer is infected with AntiVirus XP 2008. He can't download anything to help fix his problem. Is it possible for me to download the MalwareBytes program, burn it to disk, and install it on his computer in SafeMode?

A:Antivirus Xp 2008

Yes, save it to a flash (usb, pen, thumb, jump) drive or CD, transfer it to the infected machine, then install and run the program. If you cannot transfer or install from the infected machine, try running the setup (installation) file directly from the flash drive or CD so it will install on the hard drive.Before performing a Quick Scan with MBAM in normal mode, please print out and follow these instructions.Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Reagardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.Scanning in safe or normal mode will work but removal functions are not as powerful in safe mode. MBAM is designed to be at full power when malware is running so safe mode is not necessary when using it. In fact, it loses some effectiveness for detection & removal when used in safe mode because the program includes a driver which does not work in safe mode. For optimal removal, normal mode is recommended. Doing a safe mode scan should only be done when a regular mode scan fails.

Read other 1 answers
RELEVANCY SCORE 98

I also had the Antivirus XP 2008 infection. I was already using Windows Defender, and Norton Online via Yahoo, but neither was any help. Had used AdAware amd Spybot in the past, so downloaded newest free versions, as well as MS Malicious Software Removal Tool and Hijackthis.

The original attack corrupted my Yahoo browser, changed my desktop to a blue screen, destroyed my restore points for System Restore, removed the desktop and screensaver tabs from my Display Properties, and restricted me from Internet Options via the IE7 tools menu.

I have since fixed all but the IE7 restriction, and uninstalled all of the scanners except the Norton Online that comes with Yahoo, which I reinstalled after I got rid of most of the malware. Spybot got rid of all but 4 items: Zango.ShoppingReport, (two) Smitfraud-C.gp, and a Right Media cookie from IE. These may all be bundled in Yahoo, so I am probably stuck with them. An online "kelly" registry "tweak" restored my desktop and screensaver tabs.

I would really like to resolve the IE7 restriction, since it says to contact the system administrator. That would be me. I am able to change Internet Options via Control Panel, but that is the "long way around the pond" from the tools menu in IE. Once I fix that issue, I will establish a new restore point in System Restore for future problems.

If anyone can talk me through the IE7 fix, I would be most appreciative. I am using XP Pro, SP-2.

A:Antivirus XP 2008

Hello fgross120 and welcome to BC This is just a quick note to let you know that we have split your post from the original topic it was in into its own thread so that it will get the attention it deserves.You can find your new topic here:http://www.bleepingcomputer.com/forums/t/163177/antivirus-xp-2008/However, I see that you have posted an HJT log here: http://www.bleepingcomputer.com/forums/t/162914/lost-in-space-almost/ Because you have this log posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a HJT Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.From this point on the HJT Team should be the only members that you take advice from, until they have verified your log as clean.Please be patient. It may take a while to get a response because the HJT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the HJT Team. Generally the staff checks the forum for po... Read more

Read other 1 answers
RELEVANCY SCORE 98

It just refuses to go away. I have tried a couple of other forums, and this thing will not go away. The icon is gone and the background is gone. Its not in the start-up either and no pop-ups. However when I start up the old background, "warning: computer infected with spyware" flashes. Also, my add and remove programs do not work. Please help.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 7:16:02 PM, on 6/27/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\LEXPPS.EXEC:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exeC:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\VTTimer.exeC:\WINDOWS\system32\VTtrayp.exeC:\WINDOWS\AGRSMMSG.exeC:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exeC:\Program Files\Java\jre1.6.0_05\bin\jusched.exeC:\Program Fi... Read more

A:Antivirus 2008

Hello pinkgirl, I have tried a couple of other forums, and this thing will not go away. The icon is gone and the background is gone. Its not in the start-up either and no pop-ups. However when I start up the old background, "warning: computer infected with spyware" flashes. Please tell me what you have done to try and fix this? What forums did you post at previously?

Read other 44 answers
RELEVANCY SCORE 98

I don't think Antivirus 2008 is installed on my notebook, I'm not sure, but there's a security balloon in the notification tray saying "You have a security problem!". Also antivirus 2008 webpage keeps opening. its getting too irritating. I'm facing this problem since 3 days now.
Kindly help..

A:Antivirus 2008

What does it say when you click on the balloon? It should tell you if it is your antivirus or firewall or both that is not running and give you the option of running them if installed.

Read other 20 answers
RELEVANCY SCORE 98

I, like many others, have been the victim of this type of malware - sorry I know this is probably getting redundant. Below find my HJT log, along with my Mbam log. Thanks in advance for the help.I just want to let you know that despite using the Malwarebytes program (as I found suggested on some other sites) the virus is still there - it just won't go away. Also, it has blocked my admin powers ( I can't use task manager, regedit, etc). I have scanned with bitdefender - it only found 1 infected file; I scanned with McAfee - it found nothing; I have tried to scan with Ad-Aware - but it would not let me. Please help, I'm losing my mind.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 21:51: VIRUS ALERT!, on 26/08/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16705)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\TGTSoft\StyleXP\StyleXPService.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.... Read more

A:Antivirus 2008

Hello Smdxn and welcome to BleepingComputer,1. * Clean your Cache and Cookies in IE:Close all instances of Outlook Express and Internet Explorer Go to Control Panel > Internet Options > General tabUnder Browsing History, click Delete. Click Delete Files, Delete cookies and Delete historyClick Close below.* Clean your Cache and Cookies in Firefox (In case you also have Firefox installed):Go to Tools > Options.Click Privacy in the menu..Click the Clear now button below.. A new window will popup what to clear.Select all and click the Clear button again.Click OK to close the Options window* Clean other Temporary files + Recycle bin Go to start > run and type: cleanmgr and click ok. Let it scan your system for files to remove. Make sure Temporary Files, Temporary Internet Files, and Recycle Bin are the only things checked.Press OK to remove them.2. Please visit this webpage for instructions for downloading and running ComboFix:http://www.bleepingcomputer.com/combofix/how-to-use-combofixPlease ensure you read this guide carefully and install the Recovery Console first (not for Windows Vista users !).The Windows Recovery Console will allow you to boot up into a special recovery mode, in case your computer has a problem after an attempted removal of malware. This allows us to help you. (WinXP SP3 users, please download the appropriate SP2 file, Home or Pro, to install the RC)In the event you already have Combofix, and you're notified a more current version is availa... Read more

Read other 1 answers
RELEVANCY SCORE 98

I have a computer with XP Antivirus on it. I was able to stop it from running on my computer. The only thing I am still working on is getting it out of IE7 with out uninstalling IE7 and re-installing. I will let you know when I get it or just let me know if you have been able to. I will add the instructions on how to remove it from starting up and keeping it from running in your system. I think it is embedded in IE7 but not for long.
 

A:XP Antivirus 2008

ok i found some good programs on the internet that worked to remove this bug completely. The main one though was Malwarebyte's rogue remover. Good luck.
 

Read other 1 answers
RELEVANCY SCORE 98

I recently acquired this little bundle of joy. After looking at many different threads at several different forums about this, i tried various things to remove it, and i succeeded to some extent. I no longer have the part of the program that tries to be "legitimate" with the icons in the task bar and the well designed and aesthetically pleasing window constantly reminding me that i have some obscene number of viruses on my computer, that can be removed by paying it's wicked creator money. That part of the program is completely gone (even after reboot and such) but i still have many symptoms it left behind. The symptoms I am referring to include: the phrase VIRUS ALERT next to the time in my task bar; many websites not working, including google and basically all websites that deal with antispyware, antimalware, antivirus, etc.; many functions of the start menu disappearing (although i have been able to get most of it back, except for the display option of the control panel, my c: and d: drives, and my "run" option); and my last symptom of antivirus xp 2008 that remains would be my desktop background not working (all I get is a huge error message). Your help is greatly appreciated. here is my hijackthis log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:17: VIRUS ALERT!, on 9/2/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss... Read more

A:antivirus xp 2008

Hi tawittle

Please read this post completely before begining the fix. If there's anything that you do not understand, kindly ask your questions before proceeding. Please ensure that there aren't any opened browsers when you are carrying out the procedures below. Save the following instructions in Notepad as this webpage would not be available when you're carrying out the fix.

IT IS IMPORTANT THAT YOU DON'T MISS A STEP & PERFORM EVERYTHING IN THE RIGHT ORDER.

=================

Download Combofix from any of the links below, and save it to your desktop. For information regarding this download, please visit this webpage: http://www.bleepingcomputer.com/comb...o-use-combofix

Link 1
Link 2
Link 3


**Note: It is important that it is saved directly to your desktop**

===================================================

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

--------------------------------------------------------------------

Double click on ComboFix.exe & follow the prompts.When finished, it will produce a report for you.
Please post the C:\ComboFix.txt along with a new HijackThis log for further review.

Read other 2 answers
RELEVANCY SCORE 98

I signed up for the free sample anti Spyware hoping to remove ANTIVIRUS XP 2008 but in signing up for a discussion forum this is all I found.

Is there a tutorial/configure free way to remove this fake programme?

A:Antivirus Xp 2008

http://www.bleepingcomputer.com/malware-re...virus-2008-2009

Read other 7 answers
RELEVANCY SCORE 98

Hello,

I registered today because I followed your "How to remove Antivirus XP 2008 (Uninstall Instructions)", but I believe I was still infected after that. I noticed something that I did not find described anywhere and may be of help to others:

When I was first infected with that thing I noticed a new file %WINDIR%\system32\el32.dll that was in use while the virus did its thing. I removed it in the recovery console (started from XP CD), but it reappeared shortly after that.

The malwarebytes software that you recommend removed most symptoms but left el32.dll in place. Also it claimed that the dll was "not infected". However, it was still newly created and still in use, which made me suspicious. I got rid of it as follows:
- downloaded PrcView 5.2.15 (google for newest version of PrcView)
- In PrcView, go to menu View | Module Usage, find el32.dll in the list. Right-click dll, select "Filter Process List"
- Now only one instance of svchost.exe is shown in the main window of PrcView (note that svchost.exe is a generic process host, it is not necessarily bad). Rightclick that instance and select kill (it would have been smart to first check how it was run - that prcview also can do, but I did not think of that - sorry)
- After that I run combofix which deleted some files:
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Berend\Applic... Read more

Read other answers
RELEVANCY SCORE 98

I got this virus/malware, whatever you want to call it last night. After a lot of frustration I think I may have gotten all of it off of my computer but I want to make sure. This is the second time that I have gotten this virus in the past month. The 1st was worse but I knew what was happening this time and started fighting it. Here are my logs....please just take a moment if you can to look them over and see if there is other nasties on my computer.Deckard's System Scanner v20071014.68Run by Tawna on 2008-07-25 11:29:24Computer is in Normal Mode.---------------------------------------------------------------------------------- System Restore ---------------------------------------------------------------- Last 5 Restore Point(s) --52: 2008-07-25 15:22:53 UTC - RP52 - Deckard's System Scanner Restore Point51: 2008-07-25 07:28:37 UTC - RP51 - Installed Norton AntiVirus 2003 Professional Edition50: 2008-07-23 22:19:06 UTC - RP50 - System Checkpoint49: 2008-07-22 22:16:35 UTC - RP49 - System Checkpoint48: 2008-07-20 04:36:17 UTC - RP48 - System Checkpoint-- First Restore Point -- 1: 2008-06-10 02:39:16 UTC - RP1 - System CheckpointBacked up registry hives.Performed disk cleanup.Total Physical Memory: 384 MiB (512 MiB recommended).-- HijackThis (run as Tawna.exe) -----------------------------------------------Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:32:29, on 7/25/2008Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16674)Boot mod... Read more

A:Antivirus Xp 2008

Hello Tawna and welcome to BleepingComputer,1. * Clean your Cache and Cookies in IE:Close all instances of Outlook Express and Internet Explorer Go to Control Panel > Internet Options > General tabUnder Browsing History, click Delete. Click Delete Files, Delete cookies and Delete historyClick Close below.* Clean your Cache and Cookies in Firefox (In case you also have Firefox installed):Go to Tools > Options.Click Privacy in the menu..Click the Clear now button below.. A new window will popup what to clear.Select all and click the Clear button again.Click OK to close the Options window* Clean other Temporary files + Recycle bin Go to start > run and type: cleanmgr and click ok. Let it scan your system for files to remove. Make sure Temporary Files, Temporary Internet Files, and Recycle Bin are the only things checked.Press OK to remove them.2. Please visit this webpage for instructions for downloading and running ComboFix:http://www.bleepingcomputer.com/combofix/how-to-use-combofixPlease ensure you read this guide carefully and install the Recovery Console first (not for Windows Vista users !).The Windows Recovery Console will allow you to boot up into a special recovery mode, in case your computer has a problem after an attempted removal of malware. This allows us to help you. (WinXP SP3 users, please download the appropriate SP2 file, Home or Pro, to install the RC)In the event you already have Combofix, delete your current version and download the latest ... Read more

Read other 2 answers
RELEVANCY SCORE 98

I got this popup on my computer today, I have Windows XP home edition. I keep getting a popup that says "Internal Conflict Alert!" " System alert!" "71 viruses found!" and some others. I can't find the program to remove it! Can someone help me?
Thanks!

I've been cruising on this site and I think I found an answer on how to remove this booger!. I'll let you all know how it goes.
Thanks!

A:Xp Antivirus 2008 V2.5

I used the How to Remove Windows Antivirus 2008 (Removal Guide). The instructions were very clear and it seems to have solved the problem. My computer boots up rapidly and responds much more quickly than before. Thanks for posting this guide!

Read other 2 answers
RELEVANCY SCORE 98

My buddy has informed me that he has came into contact with this I'm going to drop by and see him later with this,he has Mcaffee Internet Security with Spysweeper.If I ran those programs in safe mode for him would I get rid of this for him?He is running XP Home.Thanks for any suggestions.

A:Antivirus 2008!

I just recently got this on my new computer as well. 2 questions:

I read to download MBAM and run it, but do I want to make sure I'm in safe mode before I do that?

The computer is like fresh out of the box new, would things be easier for myself to just format the HD and use the recovery discs. I have little background with computers in case that changes either option.

Read other 10 answers
RELEVANCY SCORE 98

Hi,

I have a brand new pc - running Vista business, everything was great until this morning, when I booted up my pc a program called antivirus 2008 has taken over my pc and my browsing ability on the internet, I have no idea how this got here or what its doing, I have Norton 360 installed, but thats not finding this program at all. Can you please please help me.
 

A:antivirus 2008 has taken over my pc

Click here to download HJTInstall.exe

Save HJTInstall.exe to your desktop.
Doubleclick on the HJTInstall.exe icon on your desktop.
By default it will install to C:\Program Files\Trend Micro\HijackThis .
Click on Install.
It will create a HijackThis icon on the desktop.
Once installed, it will launch Hijackthis.
Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
Come back here to this thread and Paste the log in your next reply.
DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.
Please download Malwarebytes Anti-Malware from Here or Here
Double Click mbam-setup.exe to install the application.
Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform Quick Scan, then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking t... Read more

Read other 1 answers
RELEVANCY SCORE 98

Hi,My father in law accidently installed a programme called Antivirus 2008 XP.I have looked at tutorials for removing Antivirus XP 2008 however, this is slightly different software. It looks very similar but it doesn't have any of the same processes running. There are no obvious processes when i look in task manager.When the PC starts it loads the Antivirus 2008 XP prompting me to buy a licence or keep using the evaluation. It goes when I end task it. When I use IE it keeps coming up with rubbish like you are browsing and it could be unsafe, buy our programme.I ran a McAfee scan which was about as useless as I expected, it came with nothing.I downlaoded Spybot Search and Destroy, it found some tracing cookies but nothing specifically relating to the software.I installed Ad-Aware, it found a few things but they were mostly tracing cookies again.I checked the startup options in Spybot and found this:Located: HK_CU:Run, s9201 (DISABLED) where: S-1-5-21-2797920344-609132980-2615088823-1007...command: "C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\av2008xp.exe" /autorun file: C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\av2008xp.exe size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated!

So I disabled it from sta... Read more

A:Antivirus 2008 Xp

Follow quietman7's instructions in this post : Malware Removal and that should make sure the Antivirus XP 2008 is removed. Hope this helps.

Read other 3 answers
RELEVANCY SCORE 98

I have a program on my computer labeled "XP AntiVirus 2008." I can't quarintine or delete the program. This is the only KNOWN program that I am having problems with. If anyone could give me some feedback or advice of how to delete it, I would greatly appreciate the help.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:47:31 PM, on 5/24/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
C:\WINDOWS\system32\LxrJD31s.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\java.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Trend Micro\Antivirus\Tmntsrv.exe
C:\Program Files\Trend Micro\Antivirus\tmproxy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\... Read more

Read other answers
RELEVANCY SCORE 98

Made a mistake of clicking on this program and now I can't get rid of it.

Could you please have a look at the log and advice me what to do.

Thank you very much.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:41:22 PM, on 7/24/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\McAfee\MBK\MBackMonitor.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\... Read more

Read other answers
RELEVANCY SCORE 98

Hi,
I have a computer infected with Antivirus 2008. I can't get on line with this computer. This rogue program will not let me. I am sure I can download to another computer. My question is, how do I get Malwarebytes' Anti- Malware loaded onto the infected computer. I am running Windows XP on both computers. Please help!
DW

A:Antivirus 2008

You can use a USB Pen drive or a CD to collect the exe and the updates on the clean machine then do the transfer but be sure to disinfect the Pen or the CD AFTER it has been in the infected computer else BOTH will be infected ( or if worried, even chuck it ) Hope that helps you

Read other 3 answers
RELEVANCY SCORE 98

Hello, yesterday my laptop was infected with this virus. First of all, let me warn you that I'm not very computer savvy and this is the first time I've ever dealt with a technical problem this complex.

I followed the instructions in "How to remove Antivirus XP 2008" on this forum, but when I try to open the mbam-setup.exe file on my desktop, it won't even run. Nothing happens. I also cannot open firefox... when I use IE, I cannot access certain sites (like this one.)

I did log on in safe mode and manually delete the associated files and registry key/values listed on the guide, but I still get a few popups and my time and background are still messed up. I can't access task manager or Display.

Should I try to download and run DSS, and post a log in the HJT forum? Will I be able to even run the dss.exe file?

I'm getting pretty desperate here. I'm running a 6 month-old laptop on Windows XP SP 2, and I don't really have anything that hasn't been backed up on an external hd... I've never reformatted and reinstalled windows in my life, but it doesn't sound like the worst option right now.

What should I do?

A:Xp Antivirus 2008

Try renaming the mbam-setup.exe file to something else (such as abcde.bat) and then try to open it.

Read other 3 answers
RELEVANCY SCORE 98

Hi,

Pls help me disable and completely remove ANTIVIRUS XP 2008 from my pc.Thanks enough.

A:Antivirus Xp 2008

Here is a link to BC's Self-help Removal instructions:http://www.bleepingcomputer.com/malware-re...tivirus-xp-2008If you encounter any problems or have any questions, please let our Members know.Regards,John

Read other 3 answers
RELEVANCY SCORE 98

Couple days ago, I was unfortunate enough to receive a copy of Antivirus XP 2008 on my computer. As some of you may or may not know this thing rapes computers. Constant blue screens, freezing, and crazy amount of pop-ups. Well anyways, I installed Malwarebyte's Anti-malware which seemed to get rid of the main problems. However; I'm still wary about my computer and I was hoping to have my hijackthis log checked out
(and plus my internet explorer has not been able to open since).

Thanks in advance!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:51:38 AM, on 9/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe... Read more

A:Antivirus XP 2008 help!

Hello, hoshinaru
Welcome to TSF

My name is Billy O'Neal and I will be helping you. (Billy or Bill is fine, if you like.)
Please give me some time to look over your computer's log(s).
Please take note of the following:In the meantime, please refrain from making any changes to your computer.
Also, even if things appear to be running better, there is no guarantee that everything is finished. Please continue to check this forum post in order to ensure we get your system completely clean. We do not want to clean you part-way up, only to have the system re-infect itself. :)
If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.
Finally, please reply using the button in the lower left hand corner of your screen.
Old topics are closed after 3 days with no reply, and working topics are closed after 5 days. If for any reason you cannot complete instructions within that time, that's fine, just put a post here so that I know you're still here. We get a lot of people who simply leave, and if there is no contact for that amount of time I will have to assume you have "vanished" .

We need to create an OTViewIt ReportPlease download OTViewIt by OldTimer.
Save it to your desktop.
Double click on the icon on your desktop.
Click the "Scan All Users" checkbox.
Push the button.
Two reports will open, copy and paste them in ... Read more

Read other 2 answers
RELEVANCY SCORE 98

My computer at work is infected and I can't resolve the problem. I need the Expert of experts.I couldn't get Kaspersky to work properly. Here is my log file:-- System Restore --------------------------------------------------------------Successfully created a Deckard's System Scanner Restore Point.Backed up registry hives.Performed disk cleanup.-- HijackThis (run as mnieves.exe) ---------------------------------------------Logfile of Trend Micro HijackThis v2.0.2Scan saved at 1:12:22 PM, on 7/29/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16674)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exeC:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\McAfee\Common Framework\FrameworkService.exeC:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exeC:&#... Read more

A:Antivirus Xp 2008

Hello Sabrashatila and welcome to BleepingComputer,1. * Clean your Cache and Cookies in IE:Close all instances of Outlook Express and Internet Explorer Go to Control Panel > Internet Options > General tabUnder Browsing History, click Delete. Click Delete Files, Delete cookies and Delete historyClick Close below.* Clean your Cache and Cookies in Firefox (In case you also have Firefox installed):Go to Tools > Options.Click Privacy in the menu..Click the Clear now button below.. A new window will popup what to clear.Select all and click the Clear button again.Click OK to close the Options window* Clean other Temporary files + Recycle bin Go to start > run and type: cleanmgr and click ok. Let it scan your system for files to remove. Make sure Temporary Files, Temporary Internet Files, and Recycle Bin are the only things checked.Press OK to remove them.2. Please download Malwarebytes' Anti-Malware from Here or HereDoubleclick mbam-setup.exe to install the application.Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.If an update is found, it will download and install the latest version.Once the program has loaded, select "Perform Quick Scan", then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is comp... Read more

Read other 1 answers
RELEVANCY SCORE 98

hey i was browsing then this antivirus 2008 popped up asking me if i wanted to download antivirus 2008i opened task manage and ended firefox.execould i still be infectedhere is a hijack this logLogfile of Trend Micro HijackThis v2.0.2Scan saved at 4:46:46 PM, on 7/28/2008Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16674)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSched.exeC:\PROGRA~1\McAfee\MSC\mcmscsvc.exec:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exec:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exeC:\Program Files\McAfee\VirusScan\McShield.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\Program Files\McAfee\MPF\MPFSrv.exeC:\Program Files\McAfee\MSK\MskSrver.exeC:\Program Files\Microsoft SQL Server\MSSQL$MI... Read more

A:Antivirus 2008 Pop Up

Hello and welcome to BCWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. We aim to provide the valuable service known to come from BC to every member we can, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.Upon completing the steps below a staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.Thanks and again sorry for the delay. Please download Deckard's System Scanner (DSS) and save to your Desktop.alternate download siteDSS will do the following:Create a new System Restore point in Windows XP and Vista.Clean your Temporary Files, Downloaded Program Files, Internet Cache Files, and empty the Recycle Bin on all drives.Check some important areas of your system and produce a report for an analyst to review.Automatically run HijackThis. It will also install and place a shortcut to HijackThis on your desktop if you do not already have it installed. So if HijackThis is not installed and DSS prompts you to download it, please answer yes.You must be logged onto an account with administrator priv... Read more

Read other 2 answers
RELEVANCY SCORE 98

HI!I'm having a problem removing this virus: antivirus xp 2008. I've tried avg also avast boot scan. No luck!Mod Edit: Topic moved to more appropriate forum~ TMacK

A:Antivirus Xp 2008

Hi Katumi,Follow the removal instructions here: http://www.bleepingcomputer.com/malware-re...tivirus-xp-2008After completing Malwarebyte's Anti-Malware scan, post the log by clicking the Logs tab and then copy and paste the contents in your next reply.

Read other 1 answers