Over 1 million tech questions and answers.

Computer was attacked by antimalware doctor/security suite malware/computer wont boot

Q: Computer was attacked by antimalware doctor/security suite malware/computer wont boot

Hi there, earlier today i was working on some video footage. I had went downstairs for an hour i came up and i had all these anti virus pop ups flashing all over my screen. i dont know how they got on there as i scan my computer every 2 days. The only possible reason i can think of is visiting The Pirate Bay.org. I tried opening task manager but the software keeps closing it. No matter what i tried the software would tell my system not to open it. I tried restarting the computer but when it gets onto the windows loading screen it flashes a blue screen then resets and this continually happens. I tried safe mode and last safe config, it still happens.

Some of the malware i saw:

Anti Malware doctor
Security suite
and some more.

I cannot use my DVD drive as it doesnt work so my only option is to do some via USB stick.. Is there any other way? please help.

How can i fix this without having to use a DVD drive and formatting / recovery console?

Thanks.

Need this help urgently.

RELEVANCY SCORE 200
Preferred Solution: Computer was attacked by antimalware doctor/security suite malware/computer wont boot

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: Computer was attacked by antimalware doctor/security suite malware/computer wont boot

bump!

Read other 10 answers
RELEVANCY SCORE 106

Hi, I have tried the posted solution as seen here: http://www.bleepingcomputer.com/virus-remo...imalware-doctorHowever, I was unable to complete the steps. It blocks rkil, iExplore and eXplorer from running. I can see the command prompt window briefly and then it closes and a message pops up saying the application cannot be executed. The file rkill.exe (or whichever I am trying) is infected. Do you want to activate your antivirus software now? Naturally, I click no and try again to no avail. I've tried leaving this open when running the app again but this does not work either. I was able to install MalwareBytes but it blocks this from running as well. I tried opening Task Manager to force quit but it blocks that. Also, tried opening System Restore but that is blocked as well.Any help is greatly appreciated!Running Windows 7 64 bitOh I also am using a secondary computer as I shut off the wireless adapter on the infected systemEDIT: Posts merged ~BPEDIT: I was able to run Malwarebytes in Safe Mode. Will update results when scan is finished.EDIT: This seems to have fixed the problem. This thread can be closed

A:AntiMalware Doctor & Security Suite

QUOTEEDIT: This seems to have fixed the problem. This thread can be closedThank you for letting us know. I'm glad that your computer problems have been fixed. Since this issue seems to be resolved, this thread will now be closed.In case you experience any problems with the computer, please start a new topic.Happy computing,Orange Blossom

Read other 1 answers
RELEVANCY SCORE 106

Hello everyone I was recently infected with Antimalware Doctor and Security suite also. I followed your guides to removing them and after many tries I think they have finally been relinquished from my computer. But I can no longer connect to the internet or connect anything via USB (ipod/iphone), I am not sure what other damage has been done but I receive two errors when I start up my computer. Also my firewall is down and I cannot put it back upC:\WINDOWS\$NtUninstallMTF1011$\mmduch.dlSymantec Email Proxy: TCP/IP is not installed. Disable email scanning in your symantic product options or install TCP/IPDDS (Ver_10-03-17.01) - NTFSx86 Run by Alexei Lee at 20:40:19.76 on Wed 09/01/2010Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_13Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2038.1171 [GMT -4:00]AV: avast! antivirus 4.8.0 [VPS 100124-1] *On-access scanning disabled* (Outdated) {7591DB91-41F0-48A3-B128-1A293FD8233D}AV: Symantec AntiVirus Corporate Edition *On-access scanning enabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcsC:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exesvchost.exeC:\Program Files\Common Files\Symantec... Read more

A:Antimalware Doctor Security Suite

Hi,If help is still needed post a fresh dds.txt log, please.

Read other 2 answers
RELEVANCY SCORE 104.8

Antimalware doctor and security suite piggy backed java application. Constant popups. Dowloaded rkill, iexplorer, and explorer. takes about 50 times trying to run the program before they can gain access. Virus shuts them down immediately. After receiving the message that they are finally successful and completing scan using malwarebytes computer is restarted and the virus is still there. malewarebytes found about 30 infected files and removed them the first time, but after that scans come back clean or there is only 2 infected files to remove. completed tdsskiller scanned and removed files. Tried before mentioned in safe mode to no avail. We were able to disconnet proxy server.we tried rkill and malewarebytes again in safe mode and were able to get rid of the antimaleware doctor and security suite. Used autorun download to delete rundll file. Began to be transferred to other sites when on internet and now receiving alerts from Microsoft Security Essentials that firefox.exe is a trojan that needs to be removed. Ugh!! Can't seem to get rid of this thing. Using safe mode to post this.EDIT: Posts merged ~BP

A:antimalware doctor and security suite infestation

Hi,Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.Please reply to this post so I know you are there.The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.Once I receive a reply then I will return with your first instructions.Thanks

Read other 21 answers
RELEVANCY SCORE 104.8

I'm trying to remove these two programs but I'm struggling. I think I caught them from downloading Dream Aquarium. I've been using malwarebytes but it's not working. I tried the bytes scan in safe mode and it detects 4. When I go back to regular mode, they are still there. In regular mode I can't do anything. I can't open regedit, task manager, the internet. It keeps telling me they are infected. Will system restore work. My compouter is eMachines Vista .I'm kind of a noob. Can anyone help me with this problem? What should I do?

Edit: I think I fixed the problem. Mods, feel free to delete this thread.
Edit: I thought I fixed the problem but both came back. I don't know what to do.

A:Infected with Security Suite and Antimalware Doctor:

Download this file and save it to your desktop:http://download.bleepingcomputer.com/grinler/rkill.scrDouble-click the file to run it. A command window will open briefly. Then run a quick scan with Malwarebytes. Post the Malwarebytes log.

Read other 1 answers
RELEVANCY SCORE 96.4

Hello,

I was browsing the internet when suddenly this supposed antivirus scan just popped up in the middle of my screen and started detecting trojans and things within seconds. The icon in the system tray was a fake Windows shield and my suspicion that it was fake was confirmed when I tried to exit the program and it prompted me each time telling me I had to register. I tried to access my control panel and couldn't access the Start menu at all (when I clicked it it would do nothing). I didn't want this program to keep doing whatever it was doing on there so I just held the power button until it restarted.

Now when I go to turn the computer on, I get a message saying the following:

"Windows could not start because of an error in the software. Please report this problem as : load needed DLLs for kernel. Please contact your support person to report this problem."

I have no idea what that means. Google has yielded results on both topics (The "virus scan" is this program here apparently http://www.bleepingcomputer.com/virus-removal/remove-antimalware-doctor), but way too many for me to be sure what my next course of action should be. I have Windows XP, I use an Acer PC...Not sure what other details would be helpful but whatever I can provide please let me know. All help is appreciated!
 

Read other answers
RELEVANCY SCORE 92

Hi Folks,

I appreciate you taking the time to help me out.

I picked up some malware last night from a streaming movie site. I've looked at a few solutions to this problem (including the advice from this site) but nothing is working for one sole reason....I can't run any programs-None. I got as far as downloading the DDS but it won't run it. My computer keeps telling me "file rundll32.exe is infected' and asking if I want to run the malware antivirus software. The only program I've been able to run is McAfee and it found nothing wrong with my computer. I can't open task manager to stop the malicious programs.

Any advice?

Thanks again.

A:Malware Problem - Antimalware Doctor, Security Tool, etc. Programs won't run

Hello chirpygirl,

What version of Windows is this? Try to run the tools from Safe Mode.

Read other 1 answers
RELEVANCY SCORE 86

I should start by telling you that I know very little about computers. I am fine using software, and intelligent enough to work things out and follow detailed instructions, but have no idea how to deal wth virusus/rebuild/networks or what half the files on my computer actually do.Last night I started getting pop-up windows about malware and antivirus scanners. The were clearly dodgy. I attempted to simply uninstall them through the control panel, but obviously this did nothing. As they we interupting any use of my laptop, and causing it to keep shutting down, I made a rather crude attempt to fight them. I started the lappy in safe mode, and as I knew no one with any computer knowledge at all, used a mates laptop and google to try to learn a quick fix. As I was inundated by pages advertising more anti-malware programs, and did not know what to trust and what was more dodgy crap, I found some pages with manual instructions for specific virus removal. I deleted many associated files from the registry (I'd never been in there before!) and the AV Suite and AntiMalware Doctor programs have stopped harrassing me. A few of the file names were somewhat ambiguos, and although everyting seems to be running smoothly, I am concerned that I was playing Russian Roulette deleting things that just looked close enough to the one I was advised to delete! So now that my laptop is at least functioning, I got back on google to look at recommendations for automated malware removal (or a... Read more

A:Windows Defender fake/AV Suite/AntiMalware Doctor

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.Note** If you are having problems posting the complete log into this thread upload them here http://www.rapidshare.com/ and post the links in this thread We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.I order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is ... Read more

Read other 13 answers
RELEVANCY SCORE 85.6

My pc has several infections, but Antimalware Doctor seems to be the biggest issue as their popups appear on my screen and I cannot remove them.I'm following instructions given by boopme to someone in topic "Antimalware Doctor - big problems!, Nothing is working" and so far have done the following: 1. I'm working in safe mode with networking now. 2. I downloaded FixExe and allowed registry entries.3. I downloaded rkill and saved on my desktop, but rkill repeatedly kills itself after many attempts to run it. I tried iExplore and eXplorer with the same results.3. Should I try dowloading and running SUPERAntiSpyware?My OS is Windows XP/SP2Two more things... * Avast! has been disabled ty malware and I cannot activate it again!* I see a program called URGE located in C:\Documents and Settings\All Users\Start Menu\Programs. When I first noticed it, I wrote down the following properties:Remote AssistanceTarget Location System 32Created 7/25/2010; modified 7/26/2010Location: C:\Documents & Settings\Administrator (my name)I don't know what this program is and don't remember installing it! Could this have been installed by malware? The created/modified dates are consistent with the dates I was infected.

Read other answers
RELEVANCY SCORE 84.8

--------------------------------------------------------------------------------Hey guys....I need helpI got hit with Antimalware doctor and it totally messed up my computer. I've searched the forum for quick fixes but not sure if that helped completely. Here's my issues:the entire look of my computer changed..desk top icons missing.cannot get "add/remove programs"control panel is blankcannot download malware - or any program. When i try to download something the pop up box comes up then disappears.Here is log from hijack thisLogfile of Trend Micro HijackThis v2.0.2Scan saved at 5:25:54 PM, on 05/01/2010Platform: Windows Vista (WinNT 6.00.1904)MSIE: Internet Explorer v7.00 (7.00.6000.16890)Boot mode: NormalRunning processes:C:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Windows\system32\taskeng.exeC:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exeC:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exeC:\WINDOWS\zHotkey.exeC:\WINDOWS\ModPS2Key.exeC:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exeC:\WINDOWS\sttray.exeC:\Program Files\Winamp\winampa.exeC:\Program Files\McAfee.com\Agent\mcagent.exeC:\WINDOWS\System32\igfxtray.exeC:\WINDOWS\System32\hkcmd.exeC:\WINDOWS\System32\igfxpers.exeC:\P... Read more

A:Antimalware Doctor killed my computer

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 2 answers
RELEVANCY SCORE 84.8

Hi guys,

I was hoping you could help me. Two days ago my computer started restarting itself. Every time I tried to turn it on it would restart within 15 seconds, normally shortly after I entered my user password to log on to the system. It has since not managed to fully turn itself on, and flashes a blue page with some error message before restarting. When I press F8 as it loads I can get on to that options page as normal, but neither safe mode nor last known good configuration will load.

A few hours before it started my computer got the ‘antimalware doctor’ virus so I did the malwarebytes scan in normal mode while ignoring all the antimalware popups. It finished after a couple of hours but announced that it could not remove all the threats. Still, it appeared that the antiwalware had disappeared, and I downloaded avast antivirus too. Before I could run it though, the restarting began.

A bit of info on the computer… it’s a Dell running on Windows XP. It’s 5 years old and the battery alone no longer works, only the power cable does. Before 2 weeks ago it had been off and unused for almost a year and a half, yet worked fine in the 2 weeks leading up to when the problems started.

I’ve read about a few similar problems online but none quite like this. I assume it must be a problem with Windows? Any suggestions of things I can do?

Anyway, thanks in advance for any advice you can offer!
 

A:restarting computer after antimalware doctor

any suggestions would be greatly appreciated!
 

Read other 1 answers
RELEVANCY SCORE 84.8

Hey guys....I need help

I got hit with Antimalware doctor and it totally messed up my computer. I've searched the forum for quick fixes but not sure if that helped completely. Here's my issues:
the entire look of my computer changed..desk top icons missing.
cannot get "add/remove programs"
control panel is blank
cannot download malware - or any program. When i try to download something the pop up box comes up then disappears.

Here is log from hijack this
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:25:54 PM, on 05/01/2010
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16890)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
C:\WINDOWS\zHotkey.exe
C:\WINDOWS\ModPS2Key.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\WINDOWS\sttray.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\igfxpers.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\system32\igfxsrvc.exe
C:\WINDOWS\ehome\ehtray.exe
C... Read more

A:HELP!!Antimalware doctor killed my computer

Hello and welcome to Tech Support Forum.

My name is km2357 and I will be helping you to remove any infection(s) that you may have.

I will be giving you a series of instructions that need to be followed in the order in which I give them to you.

If for any reason you do not understand an instruction or are just unsure then please do not guess, simply post back with your questions/concerns and we will go through it again.

Please do not start another thread or topic, I will assist you at this thread until we solve your problems.

Lastly the fix may take several attempts and my replies may take some time but I will stick with it if you do the same.

Sorry for the delay in replying, the forum is very busy. If you still need help, please do the following:



Step # 1 Download and run DDS

Download DDS and save it to your desktop from here or here.
Disable any script blocker, and then double click dds.scr to run the tool.When done, DDS will open two (2) logs: DDS.txt
Attach.txt

Save both reports to your desktop. Post them back to your topic.



Step # 2: Download and Run Gmer

Please download gmer.zip from Gmer and save it to your desktop.

***Please close any open programs ***

Double-click gmer.exe. The program will begin to run.

**Caution**
These types of scans can produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries unless advised by a trained Security Analyst

If possible rootkit activity is found, y... Read more

Read other 3 answers
RELEVANCY SCORE 84.8

Hello,

A friend keeps getting his computer, which has Windows XP Home installed, infected with rogue anti-virus software. I have cleaned these infections off his computer a couple times before, but now my concern is that there are still some components deeply rooted in his computer. I believe this is the reason for this rogue software installing itself on his computer after it has been cleaned. Now, each time the rogue ant-virus/malware has been named something different, this time it is Antimalware Doctor. I have convinced him to install three layers of protection to protect his computer in the future so this does not occur again. Presently he is just using Microsoft's Security Essentials which is not enough.

I would appreciate any help to assist me in cleaning his computer...see the attached Hijackthis.log file.

Let me know is further information is required...

Thank you very much,

Dan

 hijackthis.log   6.92KB
  3 downloads

A:Computer infected with 'Antimalware Doctor'

Hello and welcome to the forums!My secret agent name on the forums is SweetTech (you can call me ST for short), it's a pleasure to meet you. I am very sorry for the delay in responding, but as you can see we are at the moment being flooded with logs which, when paired with the never-ending shortage of helpers, resulted in the delayed responding to your thread.I would be glad to take a look at your log and help you with solving any malware problems.If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed. If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator&#... Read more

Read other 3 answers
RELEVANCY SCORE 84.8

My daughter's computer is infected by AntiMalware Doctor. When the computer is booted AntiMalware Doctor appears on screen and one can click through various sub-screens that come up. However clicking "no" always brings up yet another AMD box. It is impossible to access any other part of the computer as none of the icon buttons will work. When I try crt-alt-delete and then open Task Manager I get a box that says:
------
Antivirus Software alert (in red)
INFILTRATION ALERT Virus Attack
Your computer is being attacked by an internet virus. it could be a password-stealing attack, a trojan-dropper or similar.

DETAILS

(Blank lines)

Do you want to block this attack?

Yes No
---------
The "No" button seems inactivated, leaving the "Yes" button coloured and ready to click - except I haven't done that.

There are also other AMD boxes that come up saying things like:
-----
Security warning

Application cannot be executed. The file taskmgr.exe is infected. Do you want to activate your antivirus software now?

YES NO
---

Every time I click "No", the same screen comes up but with another file listed as the infected one.
I cannot get any other icon button to fucntion on the screen.

I think the computer uses Windows XP . We use Firefox as browser.

I've found out that AntiMalware Doctor is a rogue program but the solutions offered all require me to get INTO the computer and at present the rogue program is not allo... Read more

A:Computer frozen by AntiMalware Doctor -What to do?

Hello and welcome... Judging from your intro post we need to approach this with prayer and supplication Let's see what we can get here.Please follow our Removal Guide here Remove Antimalware Doctor . You will move to the Automated Removal InstructionsAfter you completed that, post your scan log here,let me know how things are.The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.How are things?

Read other 7 answers
RELEVANCY SCORE 84.8

So I have no idea of where it came from. I saw the other post, but the files he removed did not fix the problem. An XP machine, she uses AOL and has their version of McAfee Security Center. Upon bootup, the error meesagte was "error loading C:/windows/dmcmfmsp.dll The specified module could not be found." I got a meet locals popup when IE8 was opened, along with numerous reminder to activate AMD.
There used to be a tutorial here, what should I do to eradicate this malware? I am re-doing the scan she performed, but I was told McAfee could not quarantine the virus.
Thanks!

A:Antimalware Doctor on wife's computer

FYI
I am reinstalling XP, because I could not run one of the programs you guys wanted to see a log for. It is the path of least resistance in this case. The malware chewed up all the available memory, and I ran out of patience.
Thanks for being here, though.

Read other 1 answers
RELEVANCY SCORE 84

HelloMy computer has windows XP and got infected with Security Suite and Anti Malware Doctor Protection Centre and after going through the guides to remove them, they were still there. I ran the trial version of Spyware Doctor with Antivirus and it identified something like 15 threats (inc. backdoor.trojan, trojan.bamital, trojan.fakeAV, backdoor.agent.LEL, trojandownloader.agent.OGP, dialer.coulomb_Dialer) and 70 infections so I purchased the full version and ran the scan. Then I removed the threats and rebooted as instructed. When I rebooted, my laptop froze on the blue screen with :STOP: c000021a {Fatal System Error}The Windows Logon Process system process terminated unexpectedly with a status of 0xc0000034 (0x00000000 0x00000000).The system has been shut down.I contacted the Spyware Doctor support but they just told me to contact the laptop manufacturer and do a repair install. I got the laptop second hand and don't have any startup disks. I'm quite a novice with computers so not sure what to do. Also, I have some files that aren't backed up and would like not to lose them.I've tried rebooting in safe mode, safe mode with networking, normal mode, last know good configuration but everything brings up the same screen.Please help!Laura

A:c000021a {fatal system error} after using Spyware Doctor to remove Security Suite and Anti Marware Doctor

Hi Laura,I hope you could get the money back from spyware doctor at the very least.Do you have any kind of bootable CD available? Can you create a bootable CD on a different PC to use on your laptop?regards myrti

Read other 30 answers
RELEVANCY SCORE 83.6

I was recently infected with the Antimalware Doctor virus. I attempted to remove the virus manually and was successful in the following steps:

From the Registry Editor I was able to locate and delete these values:

* HKEY_CURRENT_USER\Software\Antimalware Doctor Inc\Antimalware Doctor
* HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antimalware Doctor

I was unable to locate or delete this value:

* HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run Antimalware Doctor.exe

I was also unable to locate these files during a file search:

* enemies-names.txt
* Antimalware Doctor.exe

I downloaded and installed STOPzilla, I ran a scan of my computer with this software, and when prompted to, I rebooted my computer. The only problem is that my computer fails to reboot at all now. I've tried to reboot it in Safe Mode, in Safe Mode with Networking, et al, but the only thing that happens is the BOOT/BIOS startup window opens, then the Windows XP startup menu opens and then the computer just shuts down....

Any help you can offer will be greatly appreciated.
Thanks

Read other answers
RELEVANCY SCORE 83.6

I used MBAM, super antispyware and spybot s & d to remove antimalware doctor. Now, my computer freezes when I boot up, and it runs chkdsk on every boot. I tried to fix that problem in the registry, but it didn't work. When I say it freezes, it seems it runs for a short amount of time, then stops. At first, some of the buttons work, but then the graphics get messed up and all the windows that are open stay open and don't close. If I boot in safe mode, I can run all the scanners, they all find something and are able to remove it but say I need to reboot. Then when I do, it freezes. Also, IE doesn't work but firefox will. the virus/malware has disabled windows firewall and will not let me start it, and it has shut of automatic updates. None of the scanners are able to update. I'm using Windows xp pro (latest update)
Are you able to help me? Here is my hijack this log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:26:29 PM, on 5/2/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\Ati2evxx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9... Read more

Read other answers
RELEVANCY SCORE 83.6

links to last post: http://www.bleepingcomputer.com/forums/topic313992.html, http://www.bleepingcomputer.com/forums/topic313992.html (both are the same)I am unable to turn the firewall on, the trojan or whatever it is says it can't start the ICS service.I was able to run defogger and dds, but not GMER. The initial scan for GMER worked, but when I made the option changes and ran the scan it froze up within 30 sec.I'm able to boot without freezing in safe mode. I've ran superantispyware, antimalwarebytes, spybot s&d, and AVG antivirus scanner in safe mode. They all find things but ask to reboot, so I reboot to normal mode and it freezes. Computer runs chkdsk after every restart even when I let it finish. Sometimes when the computer freezes I get a solid high pitched tone (no speakers are attached - its coming from the internal computer speaker that makes the beeps) This has only happened a few times. IE will not work at all and I can't update the spyware scanners. I am using a USB drive and a laptop to do this.DDS (Ver_10-03-17.01) - NTFSx86 Run by Doug at 13:26:32.92 on Mon 05/03/2010Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_18Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1276 [GMT -5:00]AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}============== Running Processes ===============C:\windows\system32\Ati2evxx.exeC:\windows\system32\sv... Read more

A:Removed antimalware doctor and now computer freezes

Please close this topic

Read other 2 answers
RELEVANCY SCORE 83.6

Hello,

My daughter's computer is an XP with service pack 3 and has Kaspersky anti virus. She was downloading some music tracks and an mp3 was not what it seemed. It was like the computer was being bombarded with trojans / viruses for several seconds. Kaspersky seemed to deal with them all either deleting them or quarantining them. However the system was still infected with a virus called antimalware doctor. Now the computer can't boot up normally as it keeps looping. There is a very brief flash of a blue error screen but only for about 1 second so I cannot read it.

I can get into the computer via safe mode and removed the antimalware doctor virus manually from registry, startup etc. after following some general instructions I found on Google. However, this hasn't helped as we still can't boot other than in safe mode. Maybe there are other viruses lurking. Kaspersky seems to be jamming at about 60% into its full scan. I'm wondering if a virus is doing this too.

Attached is the hijackthis log. Any help appreciated.
 

A:computer infected with antimalware doctor and possibly more

Read other 14 answers
RELEVANCY SCORE 83.6

Hi,I had this friggin virus called 'antimalware doctor protection centre'---i managed to remove the hkeys n all that but the internet wuldn't work.So I ran 'rkill', which I understand very little of...then, I ran combofix, which I shudn't have.Now the toshiba Tecra 5 in normal mode and safe mode is showing a black screen. I accessed processes through ' ctrl+alt+del' and saw that the windows explorer is not working- I can access other programs. The internet is not working either.It has windows xp.I did a system restore to when the computer got the virus. Now the computer screen is back, the virus is there and the mouse won't work. I tried working with the keyboard but I can't seem to run the logs.I removed the virus manually from 'regedit'- by removing from current user-software, windows-current version-run and uninstall.i did defogger. can't perform dds. I opened gmer but i can't do a scan- can only tab between 'ok' and 'cancel.' i can't select scan.in the windows of gmer abt rootkit/malwarecode- system root\system32\drivers\mfehidk.sys(host intrusion detection)and related to it.I got a log through 'hijack this'- would this be useful?Logfile of Trend Micro HijackThis v2.0.4Scan saved at 9:05:24 AM, on 9/3/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\... Read more

A:After antimalware doctor and combofix, computer tragedy

Hello and welcome to Bleeping Computer! We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open wit... Read more

Read other 45 answers
RELEVANCY SCORE 82.8

hi all; i'm a bit emotionally shaky because my computer at home won't boot up as of yesterday. hopefully i might find some help here! (i'm posting this message on various forums, hoping that someone might have the answer)

my computer won't boot up. here's what happens when i try:
- i get the usual white screen with the Hewlett Packard logo, that says something like "press F8 to go to the boot menu". (i'm able to do that if i wish).
- then after a few seconds, the screen turns black. and then nothing. (usually, it would display the colourfull Windows XP logo with a sort of progress bar underneath it).
- at this point, if i press the "on/off" button on my computer, the computer shuts off instantly. (this is in contrast to when in windows xp normally, where pressing the on/off button is like choosing 'Start>Shut Off', in which case it takes a while for the computer to turn off).

here's what happened to cause my computer to stop booting:
- i went into Start>Run and typed in "msconfig", and then went to (i think) the "BOOT.INI" tab, and checked off some checkbox called (i think) "/SAFEBOOT". i have done this a number of times this past month in order to get into safe mode. i need to do this because a) my DVD burning software has stopped burning DVDs properly since about a month ago, but in safe mode it does work, and b) i can't figure out how to get into safe mode by pressin... Read more

A:computer won't boot; factors are: msconfig, system restore, malware doctor

Read other 6 answers
RELEVANCY SCORE 82

Posted a different topic in am I infected and was re directed here after I was unable to clean some infections. Previous topic Sometimes the computer freezes up, sometimes I am able to access the internet and launch apps and other times it freezes and I have to shut it off. Luckily I was able to perform all the steps today but right before I was about to post this topic, the computer froze again. Prior to the infection I did not have this problem. DDS log:.DDS (Ver_2011-06-03.01) - NTFSx86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_22Run by diana nong at 19:41:23 on 2011-06-09Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.494.15 [GMT -8:00].AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}AV: avast! antivirus 4.8.1368 [VPS 100816-2] *Enabled/Outdated* {7591DB91-41F0-48A3-B128-1A293FD8233D}FW: Norton Internet Worm Protection *Disabled* .============== Running Processes ===============.C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exeC:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exesvchost.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Lavasoft\Ad-Aware\AAWService.exeC:\Program Files\Alwil Software\... Read more

A:Infected with antimalware doctor. computer freezes a lot. rootkit activity

Hi,Please do the following:Download ComboFix from one of the following locations:Link 1 Link 2 VERY IMPORTANT !!! Save ComboFix.exe to your Desktop * IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here Double click on ComboFix.exe & follow the prompts.As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures. Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:Click on Yes, to continue scanning for malware.When finished, it shall produce a log for you. Please include the C:\C... Read more

Read other 14 answers
RELEVANCY SCORE 82

Hi

Computer got infected yesterday.

Symantec AV detected 2x Trojan.Gen and Infostealer threats, which installed Antimalware Doctor automatically. Safe Mode disabled system restore and installed MBAM, it found threats as per log pasted below, cleaned all. Assumed it was fine.

Turned on computer this morning and once connected to WLAN it appears to be sending out spam emails as Symantec's email scanning shows this. Installed Spybot S&D, it found threats as per log pasted below, cleaned all. When i connect to WLAN it is still attempting to send out spam and from Task Manager it shows that it is opening Outlook.exe processes.

Please help?

--------
MBAM LOG
--------
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6287

Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702

06/04/2011 17:10:19
mbam-log-2011-04-06 (17-10-18).txt

Scan type: Full scan (C:\|)
Objects scanned: 215209
Time elapsed: 17 minute(s), 18 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 5
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 16

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\K8CE6CA1JO (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\... Read more

Read other answers
RELEVANCY SCORE 82

Hello, this is a first post for me. I'm so happy to have found this site, and I hope that someone can help me.

I run Windows XP Professional 2002 version 3, and have Microsoft Security Essentials Version: 1.0.1963.0 / Antimalware Client Version: 2.1.6805.0 / Engine Version: 1.1.6004.0 / Antivirus definitions: 1.87.112.0 / Antispyware definitions: 1.87.112.0. I use Windows Firewall, but no other firewall program. Yesterday I installed Threatfire, but this was after I had a rogue program installed on my computer:
I got an 'Antimalware Doctor' rogue program 2 days ago, thought it was removed, but there are residual problems. When it popped up, I immediately turned off my computer to discontinue the internet connection, but it was still on when I restarted. I know these programs disable Windows Task Manager, so the first thing I did was pull that up so it could be on. I noticed a process called '070700setup.exe' running and I ended that process. That seemed to have stopped the Antimalware Doctor from doing anything immediate.

I ran a Microsoft Security Essentials full scan, and it found the following items:
virus: Win32/Alureon.H
Exploit: Java/CVE-2009-3867.EZ
Adware: win32/SpartAdsSolutions

the first 2 were Quarantined and the Adware was removed.
I then ran a full Malwarebytes scan, and removed the items it found. Here's the log from this scan:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4325

Windows... Read more

Read other answers
RELEVANCY SCORE 78.4

Hello, LIkein the topic title my computer is infectecd with Antimalware Doctor and Antimalwae Doctor Protection center. Is very annoying and it wont' let me open some programs. I need help removing this please. It won't even let me open combofix or anything like that. I ran antivirus scans but it never delted anything. I can't watch youtube videos. Is mostly what i do, watch youtube videos but now it won't even play videos on youtube. The screen is just black. I also do videos but it keeps poping all these messages and never lets me work. Can someone help me remove this fake virus. Thanks !!!
 

Read other answers
RELEVANCY SCORE 78

Hello, I'm hoping someone here can help. This evening I was infected by some virus, named above. Antimalware Doctor and Antivir Pro? I googled them and found the topic about removing the virus here. I followed it with ease, although the rkill programme took about 7 attempts.MBAM removed 11 infected files and then asked me to reboot. Upon rebooting the bug is back, and now I cant run rkill, or the iexplorer, or the eXplorer. I have a log from the rkill and from the MBAM scan. Any help would be appreciated. Thanks in advance.

A:Antimalware Doctor & Antivir Pro Wont Remove?

Hello,Please follow the instructions in ==>This Guide<== starting at Step 6.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues and what you have done to resolve them.If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.Orange Blossom

Read other 1 answers
RELEVANCY SCORE 78

Hi,It all started when I downloaded a zip file file from Rapidshare. The file was checked with Virustotal and came up clean. As soon as I downloaded it, I got what I now believe was a bogus Java update. Then this Antimalware Doctor pops up telling me I had keyloggers and God knows what else. Also, my AVG went nuts telling me I had 3 trojans.I followed your Antimalware Doctor removal instructions and I though that was the end of it, but a scan with MBAM came up with 6 infected files. I let it take care of those, scanned again, and found a bad registry entry. Scanned yet again, and found one more. At that point I figured I had a problem, so I went to your Do This Stuff First page, ran all the scans and here I am.I am running Windows 6.0.6002 Service Pack 2Internet Explorer 8.0.6001.18904The last MBAM scan found this registry entry: Registry Keys Infected:HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.rkilll log:This log file is located at C:\rkill.log. Please post this only if requested to by the person helping you. Otherwise you can close this log when you wish. Ran as john on 04/30/2010 at 17:58:40. Processes terminated by Rkill or while it was running: C:\Users\john\AppData\Local\Temp\RtkBtMnt.exeC:\Users\john\AppData\Local\Temp\Xqq.exeC:\Users\john\Desktop\rkill.comRkill completed on 04/30/2010 at 17:58:46. gmer log:GMER 1.0.15.15281 ... Read more

A:Antimalware Doctor and other malware

Hello John Lindsey Welcome to the BC HijackThis Log and Analysis forum. I will be assisting you in cleaning up your system.I ask that you refrain from running tools other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond the your topic and facilitate the cleaning of your machine.Please keep in mind that we have a large backlog of users just like yourself waiting to be helped so try to be as timely as possible in your replies. Since we do this on a part-time voluntary basis we are limited on how many logs we can respond to and keep open due to time restraints. If you have to be away or can't answer for some other reason just let me know. Thank you for your understanding.After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.Please download ComboFix from one of these locations:Link 1Link 2* IMPORTANT !!! Save ComboFix.exe to your DesktopDisable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Instruction c... Read more

Read other 26 answers
RELEVANCY SCORE 77.6

HiOn April 11 at about 2:15 pm a Java warning popped up after I clicked a link and the warning suggested that an earlier version of Java was necessary so i clicked it and soon the warnings started appearing. Windows Security Center and XP Internet Security-Unregistred(sic) Version. This malware won't allow me to access Window Firewall controls and the firewall is turned off. I have unplugged the ethernet connection to that computer and am using my laptop for this. Here's the DDs and attach. GMER seems to get hung up at SOFTWARE\Microsoft\CurrentVersion\Installer\UserData\S-1-5-18\Compone and the system crashed

A:XP internet security and antimalware doctor

Hi,Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.Please reply to this post so I know you are there.The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.----------------------------------------------Please run Gmer but check only the SECTIONS option

Read other 2 answers
RELEVANCY SCORE 76.8

I just read the rules for the forum and I am trying this again without posting mbam logs. I have a bunch of malware on my computer and have run mbam 3 times now to remove it and it is still on the computer. I also get a Shield Alert pop-up saying I am infected with a trojan and that I need to get the software to get rid of it. Let me know if I need to post anything to help you to move further. Thanks!

A:Need Help removing antimalware doctor and other malware

Hello and welcome... You need to do all the steps.Please follow our Removal Guide here Remove Antimalware Doctor (Uninstall Guide) You will move to the Automated Removal InstructionsAfter you completed that, post your scan log here,let me know how things are.The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

Read other 3 answers
RELEVANCY SCORE 76.8

Hi--

I am running a Windows Vista 32 bit system, Service Pack 2, and have been infected by a fake malware virus---Antimalware Doctor. How do I get rid of it? Thanks.

Stevelinda

A:malware virus---Antimalware Doctor

Hello please follow the Automated Removal Intructions in our Guide here.Remove Antimalware Doctor Please post back the scan log and let me know how it's running.The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

Read other 15 answers
RELEVANCY SCORE 76.8

My computer was recently infected with malware. I periodically get pop-ups from programs such as "Antimalware Doctor" telling me that my computer is infected with malware and that they are attempting to help remove the threats/issues. When one such pop up appears, the screen that was displayed on my computer at that time dims to grey, freezed screen, which I cannot access until I close the pop-up on the window. I have a attached a picture, titled "Pop-up," showing what the screen looks likewhen this occurs. The Antimalware Doctor pop-up begins with a pop-up near the bottom right of my screen, near the area that displays the current time. It states that my computer has been infected with a trojan and then begins a countdown of a few seconds. I havea attached a picture of the screen, entitled "Antimalware Doctor," with this pop-up displayed in the lower right of the screen. Upon the expiration of that timer, the Antimalware Doctor pop up appears, prompting me to "register and prevent theft." The ark.txt file will not fit as an attachment on this post, so I will attach in a follow-up to this post.DDS (Ver_10-03-17.01) - NTFSx86 Run by Payton's Laptop at 18:44:15.40 on Sat 05/01/2010Internet Explorer: 8.0.6001.18702Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.446.108 [GMT -5:00]AV: Digital Protection *On-access scanning enabled* (Outdated) {28e00e3b-806e-4533-925c-f4c3d79514b9}AV: Norton AntiVirus 2006 *On-acc... Read more

A:Infected with Malware: Antimalware Doctor

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 2 answers
RELEVANCY SCORE 76.8

When I start my computer I now get a winlogon.exe - Application Error. If I click either option my computer with bluescreen or possibly try and restart. My computer continually seems to check the a: drive, and antimalware doctor, two instances of security tool 44091144 open. It will not allow me to run mbam or hjt, as the malware blocks it saying it is a virus or will send creditcard data online. I cannot access taskmanager to kill the instances. When logged into safemode I still get the winlogon.exe application error, and it still continually checks the a: drive, but I can run hjt and or mbam without getting any errors.DDS (Ver_10-03-17.01) - NTFSx86 NETWORK Run by Mike at 16:43:55.15 on Mon 08/09/2010Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_12Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.260 [GMT -4:00]AV: Symantec AntiVirus Corporate Edition *On-access scanning disabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Mozilla Firefox\firefox.exeC:\Documents and Settings\Studio\Desktop\dds.scr============== Pseudo HJT Report ===============uStart Page = hxxp://www.google.com/uInternet Connection Wizard,... Read more

A:antimalware doctor, security tool 44091144

Welcome to the BleepingComputer Forums. Since it has been a few days since you scanned your computer with HijackThis, we will need a new HijackThis log. If you have not already downloaded Random's System Information Tool (RSIT), please download Random's System Information Tool (RSIT) by random/random which includes a HijackThis log and save it to your desktop. If you have RSIT already on your computer, please run it again. Double click on RSIT.exe to run RSIT. Click Continue at the disclaimer screen. Please post the contents of log.txt. Thank you for your patience.Please see Preparation Guide for use before posting about your potential Malware problem. If you have already posted this log at another forum or if you decide to seek help at another forum, please let us know. There is a shortage of helpers and taking the time of two volunteer helpers means that someone else may not be helped. Please post your HijackThis log as a reply to this thread and not as an attachment. I am always leery of opening attachments so I always request that HijackThis logs are to be posted as a reply to the thread. I do not think that you are attaching anything scary but others may do so. While we are working on your HijackThis log, please: Reply to this thread; do not start another! Do not make any changes on your computer during the cleaning process or download/add programs on your computer unless instructed to do so. Do not run any other tool until ... Read more

Read other 2 answers
RELEVANCY SCORE 76.8

Hello,

My computer has recently been infected with both the Security Tool and antimalware doctor malware. I've successfully removed viruses myself before, however removing these two has been impossible. I have downloaded and ran rkill numerous times, however the virus always kills it. I have attempted to rename rkill several times and tried all file extensions for rkill and still security tool terminates it even if leave the security tool "warning" up. I booted my laptop in safe mode in networking and ran Malwarebytes and did a full scan and it detected and removed several malicious files, restarted the computer in normal windows and both security tool and antimalware doctor are still there. I've read several sites on these malware programs and the solutions are very scattered. I attempted to manually delete some of the registry files associated with the viruses but i couldn't even find any of the known ones in my registry. Helppp please

A:Need help removing Security Tool and Antimalware doctor

Hello and welcome. Please try it this way.Reboot into Safe Mode with Networking How to enter safe mode(XP)Using the F8 MethodRestart your computer. When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu. Select the option for Safe Mode with Networking using the arrow keys. Then press enter on your keyboard to boot into Safe Mode. >>>> Download this file and doubleclick on it to run it. Allow the information to be merged with the registry.RKill....Download and Run RKillPlease download RKill by Grinler from one of the 4 links below and save it to your desktop.

Link 1
Link 2
Link 3
Link 4

Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.
Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
If nothing happens or if the tool does not run, please let me know in your next replyDo not reboot your computer after running rkill as the ... Read more

Read other 1 answers
RELEVANCY SCORE 76.4

How do I get my internet setting back to normal after a anti malware doctor virus attack? My laptop was recently attacked by the anti malware doctor virus. I think I have managed to get rid of it. However I cannot go onto the internet. The web browser keeps saying "cannot display the page". I use google chrome. Does anyone know what I can do?

A:My laptop was recently attacked by the anti malware doctor virus

Hi,

Download DDS and save it to your desktop from here or here or here.
Disable any script blocker, and then double click dds file to run the tool.When done, DDS will open two (2) logs: DDS.txt
Attach.txt

Save both reports to your desktop. Post them back to your topic.

Read other 2 answers
RELEVANCY SCORE 76

I first noticed problems when Antimalware Doctor started popping up. I have run both Malwarebytes and Super Anti Spyware in safe mode with system restore truned off. Both find trojans and i remove them all as well as the quaratine items. Once I reboot nothing has changed. If I go back into safe mode and re-scan, it finds what seems to be the same things again. I am at my whits end and I am not that savy so here is my hijack this log. Please let me know if I posted the log incorrectly, or if it is not the right log to post. Any help would be greatly appreciated!!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:16:34 AM, on 7/3/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69... Read more

A:Multiple Malware Including Antimalware Doctor

Read other 16 answers
RELEVANCY SCORE 76

PLease help!! Which of these do I select?------------------------------------------------------Logfile of Trend Micro HijackThis v2.0.2Scan saved at 9:36:27 AM, on 4/22/2010Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exeC:\Program Files\Intel\Wireless\Bin\RegSrvc.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Sony\VAIO Event Service\VESMgr.exeC:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exeC:\Program Files\Viewpoint\Common\ViewpointService.exeC:\Program Files\Common Files\Sony Shared\VAIO Entertai... Read more

A:HiJackThis Log - Antimalware Doctor and Digital Security viruses!!

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen. Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you let... Read more

Read other 2 answers
RELEVANCY SCORE 75.2

help!!! i got this from a memory stick inserted on the computer, it was from an autorun.inf. even now as i am posting this the malware runs loose on my system. on taskmanager it opens a process called Global.exe which keeps re-running even after i end process or end process tree. it disables my anti virus and doesnt let them re-run. it doesn't let me open add or remove programs, i cant open regedit because it has been blocked by administrator ( the malware must have done this, because i could open the registry prior to the infection ) i also think it's slowly eating up my disk space .. here is my log. please help
DDS (Ver_09-03-16.01) - NTFSx86
Run by maceren at 16:54:05.34 on Sun 05/10/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.155 [GMT 8:00]

AV: avast! antivirus 4.8.1335 [VPS 090509-0] *On-access scanning disabled* (Updated)
FW: COMODO Firewall Pro *disabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
svchost.exe
C:\WINDOWS\system32\wscript.exe
C:\... Read more

A:"This computer is being attacked" malware

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explanation about the tool. No input is needed, the scan is running.Notepad will open with the results, click no to the Optional_Sca... Read more

Read other 2 answers
RELEVANCY SCORE 75.2

Hi! I have the Antimalware Doctor infection, habitually it seems pretty easy to remove but it turns out to be more complicated than I thought. I tried your removal procedure for this virus: http://www.bleepingcomputer.com/virus-remo...imalware-doctor but the rkill doesn't work so I can't kill the Antimalware Doctor process (let it ran for 8 hours and nothing was happening - my laptop wasn't frozen though). I booted in safe mode in which the rogue anti-spyware doesn't start and ran MalwareBytes as well as Spybot and tried some other tools (more details after the DDS log).I have a Dell Latitude D620 LaptopMicrosoft Windows XP ProfessionalVersion 2002 SP3Model: PP18LHere is the DDS log:DDS (Ver_10-03-17.01) - NTFSx86 MINIMAL Run by Mark at 20:46:13.76 on Wed 08/18/2010Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_17Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.811 [GMT -4:00]AV: PC Tools AntiVirus Free *On-access scanning disabled* (Updated) {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\system32\svchost.exe -k netsvcsC:\WINDOWS\Explorer.EXEC:\Documents and Settings\Mark\Desktop\dds.scr======... Read more

A:Infected with Antimalware Doctor (Malware.Trace / PWS.LDPinchIE)

Hi Mork345,Welcome to Bleeping Computer!My name is mpascal, and I will be helping you fix your problem.Before we begin, I would like give a few guidelines so that we can fix your problem as quickly and efficiently as possible:Be sure to follow all my instructions carefully! If there is anything you don't understand, don't hesitate to ask.Please do not do anything or perform other steps unless I have asked you to do so.Please make sure you post all logs I ask you to, and make sure that the entire log gets posted.Don't attach any logs unless asked. Posting them in the forums will make them easier to analyze.If you are unsure of how to reply, or need help with anything regarding the website, please look here.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below I will rev... Read more

Read other 14 answers
RELEVANCY SCORE 75.2
A:Malware Removal: Antimalware doctor/AVG Shield Alert, Please help!

Deleting

Read other 1 answers
RELEVANCY SCORE 74.8

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:20:47 PM, on 3/19/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Ideazon\Zboard Software\Driver\ZboardTray.exe
C:\Program Files\Dell AIO 810\dlcgmon.exe
C:\Program Files\Common Files\AOL\1191286671\ee\AOLSoftware.exe
C:\Program Files\AOL\Active Security Monitor\ASMonitor.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Verizon\VSP\VerizonServicepoint.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\WiFiConnector\NintendoWFCReg.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Ideazon\Zboard Software\Driver\Zboard.exe
C:\Program Files\Xfire\xfire.exe
C:\Pro... Read more

A:Being attacked by malware such as Malware doctor

Read other 13 answers
RELEVANCY SCORE 74.4

Hi,When my computer starts, Antimalware Doctor pops up and starts a fake scan. It disables all web browsers from running. Before I ran rkill and then Malware bytes, I also experienced that a program tried to constantly start a Command Prompt (stopped by UAC) as well as a program for digital identification that I have installed (to be able to id myself digitally in Sweden). After running Malwarebytes the two latter things stopped ocurring, but Antimalware Doctor still runs every time I start my computer. If I run rkill once, it stops however, and does not come back until I reboot. Since this started happening yesterday, I have also experienced 3 BSOD, which has never happened before. Each time with a different error message:1) Monitor.sys; 2) Kernel_Page_Stack_Error; 3) Page.... (did not have time to read before reboot)Below is my dds log. NB! I could not attach my ark.txt file since it is 1,22MB, and the maximum file size is 512k. What to do? Thanks a lot for your help!DDS (Ver_10-03-17.01) - NTFSx86 Run by Andreas at 19:31:17,41 on 2010-09-30Internet Explorer: 8.0.6001.18943 BrowserJavaVersion: 1.6.0_17Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.46.1033.18.3069.1548 [GMT 2:00]SP: Spybot - Search and Destroy *enabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Program Fil... Read more

A:Antimalware Doctor starts at boot

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.We need to create an OTL ReportPlease download OTL from one of the following mirrors:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.In the custom scan box paste the following:CODEmsconfigsafebootminimalactivexdrivers32netsvcs%SYSTEMDRIVE%\*.exe/md5st... Read more

Read other 16 answers
RELEVANCY SCORE 74.4

Hi, I am not very good with computers so I will explain this as best as I can.I am currently running Vista SP2 on a HP530 Laptop.I was infected with the Antimalware Doctor virus a few days ago and have tried a few steps before. These were:o Running the computer in Safe Mode and using Malwarebytes (to no avail)o Trying Startup Repair and also System Restore (restoring to an earlier date)Now after trying these steps, it will not even let me boot to the login screen (it ends up with a cursor on a black screen and stays there (the screen before the Login screen appears)It always goes to this screen no matter what mode I run it in.I do not really want to Format it because I do not have a Vista recovery disc and am not sure whether my motherboard will support XP.Help??Edit: Moved topic from Vista to the more appropriate forum. ~ Animal

A:Antimalware Doctor and now fail to boot up

Take a look here: Remove Antimalware Doctor (Uninstall Guide)

Read other 2 answers
RELEVANCY SCORE 74.4

Hi Guys,Thank you in advance for your time in reading and any recommendations you may have. basically, i'm in the exact same situation as this guy: http://www.bleepingcomputer.com/forums/t/314396/antimalware-doctor-not-quite-fully-removed/i used MBAM to clean my laptop, which it did, but i am still being redirected to other sites. and unfortunately i can't access Windows Update either.i've already run cmbofix - i had a rootkit infection which has been removed but something is still left behind. as soon as my laptop restarted during the the combofix procedure, a msg did appear from norton saying i had a virus - backdoor.Tidserv!inf - which i'm not sure if its been removed or not. i'm going to run some additional scans when i get home today on MBAM and norton.if there are any further scans that are recommended, i would really appreciate the help. thanks again!I've run Norton and mbam scans but no viruses or Trojan found. But I still can't access windows update, and I'm still getting Google re directs. I also noticed that my laptop doesn't hibernate anymore.EDIT: Posts merged ~BPEdit: combofix is still finding the same rootkit virus located at c:\Windows\system32\drivers\Imapi.sys I'm not sure what to do from here.. is it possible to delete this file with the laptop on and replace with a clean version from another laptop via drag and drop? I'm using Windows xp and I have access to a network running the same. As I'm not sure what the Imapi file contains, I'm only having a g... Read more

A:Malware, Antimalware Doctor, and unable to access Windows Update

Hello,I'm sorry we missed your previous topic. I would have provided the instructions there that I'm going to give you now. Since that earlier topic is a duplicate of this one, I'm going to go ahead and delete it to avoid potential confusion.Please follow the instructions in ==>This Guide<== starting at step 6.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Since you have run ComboFix, please include the ComboFix log in the new topic. Please be sure to include a description of your computer issues and what you have done to try to resolve them.If you cannot produce any of the other logs, then please create the new topic anyway, include the information that you were unable to produce the other logs and why and include the ComboFix log along with a description of your computer issues.Orange Blossom

Read other 3 answers
RELEVANCY SCORE 74.4

My laptop was recently attacked by some sort of malware. I cannot provide details of the exact problem, as it happened while my girlfriend was using the computer at work. She had to turn off the firewall to get the network connection to work and within a couple of hours she received a pop-up warning her that the computer was infected and whether she wanted it resolved. She unsuspectingly clicked yes and this was followed by a deluge of pop up windows for porn sites, viagra etc.

Steps to correct problem

1. I ran malwarebytes in safe mode and did not come up with any infected items.
2. I ran Super Antispyware professional in safe mode and it detected 31 trojans which I then removed.
3. I then restarted the laptop and ran Kaspersky Anti-Virus and it came up with nothing except for a vulnerabilities detected in MS-Office.
4. I ran Malwarebytes one more time and it did not detect anything.

At this poinit, I just want peace of mind that I do not have any residual spyware/malware on my laptop as I use it for paying bills. I would greatly appreciate it if you could recommend steps I can take to ensure my laptop is clean.

Thanks in advance

A:Computer attacked by malware- Still infected?

Scanning with Malwarebytes Anti-Malware in safe or normal mode will work but removal functions are not as powerful in safe mode. Why? MBAM is designed to be at full power when malware is running so safe mode is not necessary when using it. In fact, MBAM loses some effectiveness for detection & removal when used in safe mode because the program includes a special driver which does not work in safe mode. Further, scanning in safe mode prevents some types of malware from running so it may be missed during the detection process. Additionally, there are various types of malware infections which target the safeboot keyset so booting into safe mode is not always possible. For optimal removal, normal mode is recommended so it does not limit the abilities of MBAM. Doing a safe mode scan should only be done when a regular mode scan fails or you cannot boot up normally. If that is the case, after completing a safe mode scan, reboot normally, update the database definitions through the program's interface (preferable method) and try rescanning again.Please download TFC (Temp File Cleaner) by Old Timer and save it to your desktop.alternate download linkSave any unsaved work. TFC will close ALL open programs including your browser!Double-click on TFC.exe to run it. If you are using Vista, right-click on the file and choose Run As Administrator. Click the Start button to begin the cleaning process and let it run uninterrupted to completion.TFC will clear out all temp folders for... Read more

Read other 1 answers
RELEVANCY SCORE 74.4

Hello, I really appreciate any help you could provide me. And HELP!!!!

I run Windows XP Professional 2002 version 3, and have Microsoft Security Essentials Version: 1.0.1963.0 / Antimalware Client Version: 2.1.6805.0 / Engine Version: 1.1.6004.0 / Antivirus definitions: 1.87.112.0 / Antispyware definitions: 1.87.112.0. I use Windows Firewall, but no other firewall program. Yesterday I installed Threatfire, but this was after I had a rogue program installed on my computer:
I got an 'Antimalware Doctor' rogue program several days ago, thought it was removed, but there are residual problems (google searches redirecting, internet explorer not coming up, microsoft security essentials not able to update). When it popped up, I immediately turned off my computer to discontinue the internet connection, but it was still on when I restarted. I know these programs disable Windows Task Manager, so the first thing I did was pull that up so it could be on. I noticed a process called '070700setup.exe' running and I ended that process. That seemed to have stopped the Antimalware Doctor from doing anything immediate.

I ran a Microsoft Security Essentials full scan, and it found the following items:
virus: Win32/Alureon.H
Exploit: Java/CVE-2009-3867.EZ
Adware: win32/SpartAdsSolutions

the first 2 were Quarantined and the Adware was removed.
I then ran a full Malwarebytes scan, and removed the items it found. Here's the log from this scan:

Malwarebytes' A... Read more

Read other answers