Over 1 million tech questions and answers.

Can't get rid of Alpha Antivirus with Malwarebytes

Q: Can't get rid of Alpha Antivirus with Malwarebytes

I've tried to remove Alpha antivirus with Malwarebytes and it doesn't work. The first time I ran it it found 9 items and quarantined then ( 4Trojan.bho, 4 trojan.fakealert & 1 adware) but the alpha popped up right after. I've tried running the malware bytes a number of times ( after removing the 'alpha.exe' file from the processes menu, otherwise it won't even let me run Malwarebytes) and everytime it says the scan was finished succesfully and nothing was found. I'm not very good with computers, but don't know what else to try.
Thanks for any help,
Sandie

RELEVANCY SCORE 200
Preferred Solution: Can't get rid of Alpha Antivirus with Malwarebytes

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: Can't get rid of Alpha Antivirus with Malwarebytes

Anyone?? I have to go to work now, but I'll check in tomorrow. Please let me know if you need more info in order to help me. I'd really appreciate any advice.
Thanks!

Read other 8 answers
RELEVANCY SCORE 62

HOW TO REMOVE Alpha Antivirus / Personal Antivirus/ anti-spyware (please scroll to the bottom for my answers)

Hi,

I've seen a lot of posts on here asking how to remove Alpha Antivirus / Personal Antivirus/ anti-spyware but with no replies. im guessing this is because not everyone can reply to Malware Removal questions because of spammers.

I've had a lot of experiance with removing Personal Antivirus, as a lot of my clients PCs have come in infected with it. This week, i was subject to a rogue cousin of of Personal Antivirus called Alpha Antivirus.

I havn't seen any posts up here explaining how to remove it, so i thought I'd offer my services.

To remove Personal Antivirus:
I simply downloaded the freeware malwarebytes from www.malwarebytes.org after which, you obviously need to scan with another free program spy-ware tool such as Ad-Aware SE Pro. It's free to use for non-commercial use, but it often buggs you to buy it. its also no the best around in todays terms (it was a few years ago) but it still did the job in this case nicely

To remove Alpha Antivirus
Alpha was a bit tougher. To remove Alpha follow the above and simply downloaded the freeware malwarebytes from www.malwarebytes.org

HOWEVER running Adaware SE Personal didnt fix the problem for me this time and i had to upgrade to a much better Freeware Spyware cleaner such as SuperAntiSpywareCleaner http://www.superantispyware.com/or the like (please note, although SuperAntiSpyware cleaner ... Read more

A:Alpha Antivirus / Personal Antivirus/ anti-spyware

Thanks for the info. I am sure it will help people in the future.
 

Read other 2 answers
RELEVANCY SCORE 58.4

I have a particular new version of the same thing that has been going around. The Police pro/windows antivirus 2009 and others. It is called Alpha antivirus. It has a program running in task manager called csrss.exe that will not let me stop. PC is running Vista home. I was able to run Malwarebytes and now it doesn't find any problems, but the problem is still there. Most programs stop working and I get a mesage about them. Running combofix in safe mode works, but I get a bsod (blue screen of death) about 20% into it. I hope this is a common problem and I am just an idiot. Any help would be greatly appriciated.

A:alpha antivirus

Download this file and save it to your desktop:http://download.bleepingcomputer.com/grinler/rkill.scrDouble-click the file to run it. A command window will open briefly. Then run a quick scan with Malwarebytes. Post the Malwarebytes log.

Read other 2 answers
RELEVANCY SCORE 58.4

Hello, my name is Sonia,

And I been having dificulty removing a virus from my pc. when browsing certain websites a pop-up comes up that saids (Warning! Visiting this site may harm your computer!)if I click on continue unprotected it comes back to the same pop-up, the other option is asking me to purchase their security hardware. what can I do? Please help
THank you,
Sonia

A:Alpha antivirus

Hi .Have you seen the procedures at http://www.bleepingcomputer.com/virus-remo...alpha-antivirus?Louis

Read other 2 answers
RELEVANCY SCORE 58.4

I am using XP & IE. I have a AVG antivirus program + software from
my cable provider. Yesterday I got a message that my computer was
infected and the screen went to My Computer showing multiple trojans
etc. I could not get out of the loop. Now everytime I try a URL I get a
message that it's been blocked and could harm my computer. I somehow
downloaded a new program called Alpha Antivirus and I can't remove it
with the add/remove feature in Control Panel. Apparently the program has
not been activated as it keeps asking me to do so. Any help with this wouldbe appreciated.
 

Read other answers
RELEVANCY SCORE 58.4

After entering a webpage I was fooled into downloading this antivirus as I could not close the ads. Now I've learned the "antivirus" is really a virus and I cant figure out how to delete it. It just keeps poping up fake messages about viruses on my computer. Thanks!
 

Read other answers
RELEVANCY SCORE 58.4

DDS (Ver_09-10-26.01) - NTFSx86
Run by Gabby at 19:31:37.51 on Sun 11/08/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.382.59 [GMT -5:00]

AV: AVG Anti-Virus *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
svchost.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\XoftSpySE6\XoftSpySE.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AAntivirus\alpha.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Commo... Read more

A:alpha antivirus

Hello! My name is Sam and I will be helping you. In order to see what's going on with your computer I will ask for you to post various logs from the tools that we will use to resolve your issue. Please also share with me any information about how your computer is reacting and behaving each step of the way as we work through this process.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on Download_mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.The scan will begin and "Scan in progress" will show at the top. It may ta... Read more

Read other 1 answers
RELEVANCY SCORE 58.4

Earlier tonight I was bombarded with these pop-ups that stated they were Alpha antivirus installer telling me I was infected and needed security...I did not click anything and I couldn't get out of it either...I ran my Malwarebytes and it found 23 virus'...I removed all and rebooted and now I'm posting the log hoping you can tell me if I'm still infected...Thanks so much for any help:)

P.S. I did not run this in safe mode
Malwarebytes' Anti-Malware 1.41
Database version: 3063
Windows 5.1.2600 Service Pack 3

10/30/2009 11:08:55 PM
mbam-log-2009-10-30 (23-08-54).txt

Scan type: Full Scan (C:\|D:\|E:\|F:\|)
Objects scanned: 288943
Time elapsed: 2 hour(s), 31 minute(s), 55 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 4
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 2
Files Infected: 22

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{35a5b43b-cb8a-49ca-a9f4-d3b308d2e3cc} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{35a5b43b-cb8a-49ca-a9f4-d3b308d2e3cc} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Bro... Read more

A:Alpha Antivirus

anyone...help please...

Read other 1 answers
RELEVANCY SCORE 58.4

help i have alpha antivirus on my computer and have tryed several malware and spy ware items and notrhing works

A:alpha antivirus

Hello and welcome. I am moving this to the Am I Infected forum. Please run these next. If you have Spybot installed temporarily disable it.Next run ATF:Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".Please download ATF Cleaner by Atribune & save it to your desktop.Double-click ATF-Cleaner.exe to run the program.Under Main "Select Files to Delete" choose: Select All.Click the Empty Selected button.If you use Firefox browser click Firefox at the top and choose: Select AllClick the Empty Selected button.
If you would like to keep your saved passwords, please click No at the prompt.If you use Opera browser click Opera at the top and choose: Select AllClick the Empty Selected button.
If you would like to keep your saved passwords, please click No at the prompt.Click Exit on the Main menu to close the program.Next run MBAM (MalwareBytes):NOTE: Before saving MBAM please rename it to zztoy.exe....now save it to your desktop.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow... Read more

Read other 1 answers
RELEVANCY SCORE 57.6

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-10-26.01)

Microsoft Windows XP Home Edition
DDS (Ver_09-10-26.01) - NTFSx86
Run by Steven Medina at 10:00:50.14 on Sat 11/21/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2037.1315 [GMT -7:00]

AV: Norton 360 *On-access scanning enabled* (Updated) {A5F1BC7C-EA33-4247-961C-0217208396C4}
FW: Norton 360 *enabled* {371C0A40-5A0C-4AD2-A6E5-69C02037FBF3}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\lxdfcoms.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:... Read more

A:Remove Alpha Antivirus

Welcome to the BleepingComputer Forums. Since it has been a few days since you scanned your computer with HijackThis, we will need a new HijackThis log. If you have not already downloaded Random's System Information Tool (RSIT), please download Random's System Information Tool (RSIT) by random/random which includes a HijackThis log and save it to your desktop. If you have RSIT already on your computer, please run it again. Double click on RSIT.exe to run RSIT. Click Continue at the disclaimer screen. Please post the contents of log.txt. Thank you for your patience.Please see Preparation Guide for use before posting about your potential Malware problem. If you have already posted this log at another forum or if you decide to seek help at another forum, please let us know. There is a shortage of helpers and taking the time of two volunteer helpers means that someone else may not be helped. Please post your HijackThis log as a reply to this thread and not as an attachment. I am always leery of opening attachments so I always request that HijackThis logs are to be posted as a reply to the thread. I do not think that you are attaching anything scary but others may do so. While we are working on your HijackThis log, please: Reply to this thread; do not start another! Do not make any changes on your computer during the cleaning process or download/add programs on your computer unless instructed to do so. Do not run any other tool until ... Read more

Read other 2 answers
RELEVANCY SCORE 57.6

Hello hopelessly,Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update. Please download Java Version 6 Update 17
Click the "Free Java Download" button.
Click "Free Java Download" again
Save the file jxpiinstall.exe to your desktop
Close any programs you may have running - especially your web browser.
Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
Examples of older versions in Add or Remove Programs:
Java™ 6 Update 12
J2SE Runtime Environment 5.0 Update 6

Check any item with Java Runtime Environment (JRE or J2SE) in the name.
Click the Remove or Change/Remove button.
Repeat as many times as necessary to remove each Java versions.
Reboot your computer once all Java components are removed.
Then from your desktop double-click on jxpiinstall.exe to install the newest version.Please make sure you turn on the Java Automatic Update Featurehttp://java.com/en/download/help/java_update.xml#howtoNote: This feature is available only on Windows XP, 2003, 2000 (SP2 or higher) and set by default for these ***************Download Security Check by screen317 from here or here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.A Notepad document should open automatically called checkup.txt.Please post the cont... Read more

A:Removing Alpha AntiVirus

Due to inactivity, this thread will now be closed.

Read other 2 answers
RELEVANCY SCORE 57.6

i have alpha antivirus on my screen. its not downloaded the only place it can be found is on my disc c and it wont let me erase it what can i do

A:cant remove alpha antivirus

I shall move this topic to the Am I Infected forum so we can help you get rid of it.

Orange Blossom

Read other 5 answers
RELEVANCY SCORE 57.6

My daughters computer gets an alpha antivirus alert. It's also running really slow. I think it is infected. I ran the steps in the Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help. Here are the .txt files. DDS (Ver_09-12-01.01) - NTFSx86 Run by Rachael at 21:30:06.35 on Fri 02/12/2010Internet Explorer: 7.0.6001.18000Microsoft? Windows Vista? Home Premium 6.0.6001.1.1252.1.1033.18.2942.1770 [GMT -8:00]SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\nvvsvc.exeC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\SLsvc.exeC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\rundll32.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\spoolsv.exeC:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\Dwm.exeC:\Program Files\AAntivirus\alpha.exeC:\Windows\system32\taskeng.exeC:\Windows\Explorer.EXEC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\system32\taskeng.exeC:\Windows\system32\svchost.exe -k hpdevmgmtC:\hp\support\hpsysdrv.exeC:\Windows\System32\rundll32.ex... Read more

A:Alpha Antivirus alert

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.We need to create an OTL ReportPlease download OTL from one of the following mirrors:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.In the custom scan box paste the following:CODEnetsvcsmsconfigsafebootminimalsafebootnetworkactivexdrivers32%systemroot%�... Read more

Read other 2 answers
RELEVANCY SCORE 57.6

Hello, First I have a pc with the Alpha virus along with remnants of Windows Police.
Now, I can not run any programs from the desktop. Clicking opens the OPEN WITH box so something is wrong with my .EXE links.
I can not install or run HJT or Malware. Getting Access denied errors, missing picture errors, or it starts and just goes away.
I am at a loss, being everything I am reading to do, can't be done.
Perhaps someone can instruct me on how to re associate my .exe files and fix my authorities so I might be able to run the tools?

Thanks in advance to everyone. 1st time poster, long time reader

A:Alpha Antivirus + Cant run programs

***UPDATE***

Good news, Can now run programs by tweaking the registry

Bad news, Now I seem to be running AntiVirus 2010 also. Not sure how being this laptop is not connected to anything. Now my Task Manager is disable and as many times as I try to turn on DisableSR, it just goes right back to being blocked.

Perhaps a hammer will fix the issue for good?

Read other 4 answers
RELEVANCY SCORE 57.6

i accidently downloaded alpha antivirus in my laptop.after it has made my life hell,keeps popping up every now and then.i tried to remove it using malware bytes but it could not be deleted fully.plz help me in overcoming this problem.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-10-26.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 12/28/2008 2:53:26 PM
System Uptime: 11/6/2009 12:20:59 AM (0 hours ago)

Motherboard: Acer | | Biwa
Processor: Intel® Core™2 Duo CPU T5250 @ 1.50GHz | U2E1 | 987/166mhz
Processor: Intel® Core™2 Duo CPU T5250 @ 1.50GHz | U2E1 | 1496/166mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 39 GiB total, 27.153 GiB free.
D: is FIXED (NTFS) - 35 GiB total, 22.417 GiB free.
E: is CDROM (UDF)

==== Disabled Device Manager Items =============

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Video Controller (VGA Compatible)
Device ID: PCI\VEN_8086&DEV_2A02&SUBSYS_011C1025&REV_03\3&B1BFB68&0&10
Manufacturer:
Name: Video Controller (VGA Compatible)
PNP Device ID: PCI\VEN_8086&DEV_2A02&SUBSYS_011C1025&REV_03\3&B1BFB68&0&10
Service:

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Video Controller
Device ID: PCI\VEN_8086&DEV_2A03&SUBSYS_011C1025&... Read more

A:infected with alpha antivirus

Hello ghaziniWelcome to BleepingComputer ==========================Download OTL to your desktop.Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.When the window appears, underneath Output at the top change it to Minimal Output.Under the Standard Registry box change it to All.Check the boxes beside LOP Check and Purity Check.Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.===========Download This file. Note its name and save it to your root folder, such as C:\.Disconnect from the Internet and close all running programs.Temporarily disable any real-time active protection so your security program drivers will not conflict with this file.Click on this link to see a list of programs that should be disabled.Double-click on the downloaded file to start the program. (If running Vista, right click on it and select "Run as an Administrator")Allow the driver to load if asked.You may be prompted to scan immediately if it detects rootkit activity.If you are prompted to scan your system click "Yes" to begin the scan.If not prompted, click the "Rootkit/Malware" tab.On the right-side, all items to be scanned should be checked by d... Read more

Read other 1 answers
RELEVANCY SCORE 56.8

A friend gave me his laptop in frustration. He has the Alpha Antivirus pest.

I put a copy of Malwarebytes on and ran it in safe mode. Found and removed almost 800 entries. Alpha still there in normal mode. Couldn't start MBAM so I renamed it to bb.exe and ran it. Removed another 700+ entries. Alpha is still there.

I have no internet on the laptop, no idea why but I assume it has something to do with the infection. The ethernet connection does not show active and I can see my home wireless network but can't get it past "aquiring netword address".

How do I proceed? Here is the HJT helps at all.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:41:02 PM, on 12/3/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABA.EXE
C:\Pr... Read more

A:Mbam does not remove Alpha Antivirus

Forgot to mention that Task Manager will not start either. I'm guessing it is related to this infection as well.
 

Read other 2 answers
RELEVANCY SCORE 56.4

Avira Antivirus Pro - Network Protection Alpha
As a result of the feedback we've received through the Avira Beta Center and Support for our Avira Web Protection module in the past we've decided to redo the module.

Those are the improvements and features added with the new Avira Network Protection Alpha
Scan HTTP traffic on all ports
Unlimited numbers of parallel connections
Improved performance
Reduced resource footprint
Improved technical handling of whitelisted connections
A number of people here in the Beta Center and customers had problems while browsing the internet and received so called "whitepages" we hope to resolve this issue with the alpha version as well.

Test instructions
Please be aware that this is a alpha version which has been tested thoroughly by our QA and development but does not have the same quality as a beta or released product. Errors or data loss may occur!
Uninstall previous Avira Antivirus versions on your system before you install this alpha build!
Technically speaking this is the latest "Antivirus Pro" beta version where the web protection module has been replaced.
Please use the attached "Avira_Antivirus_Pro.key" beta license when you are asked for it during the installation dialog ("I already have a valid license file")
Due to the very high version number, this build will never reach beta or RTM status. In order to proceed with beta testing afterwards you need to uninstall this version firs... Read more

Read other answers
RELEVANCY SCORE 56.4

A few days ago I noticed my computer has started getting a lot of popups stating my computer is infected and I should download Alphaantivirus Software. I do not recall installing this program and ever since then, my computer has gone nuts! Please someone help me get rid of this program.

Thanks

Computer Owner in NJ

A:Please help us! Alpha antivirus popups and malware problem

Hello and Welcome to TSF.

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

---------------------------------------------------------------------------------------------

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

Read other 1 answers
RELEVANCY SCORE 56.4

It read like it was free, so I downloaded it, then was redirected to a payment page. I went into my programs to uninstall it & it won't let me, it keeps throwing me to the purchase page! It blocks me from the internet & I have to got thru a bunch of popups to get to the internet. How in the world do I UNINSTALL this BEAST?????? I run windows xp pro on a dell dimension e310.
Help Please!!
Thank You!!

A:alpha antivirus program hijacked my computer

Hello and welcome to TSF.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Read other 1 answers
RELEVANCY SCORE 56.4

Hello. Can you tell me if it is possible to unlock my files if they are crypted witha virus Alpha? May be you have a decryption tool or you know what decryption tools can I use for this.

Thank you.
 

Read other answers
RELEVANCY SCORE 52.4

Something some of you guys might find useful.

Latest Changes -




Quote:
Now requires (and uses!) .NET Framework 3.5 SP1
- Significant improvements to the installer. Prerequisites are now handled in a much more user-friendly fashion (it's no longer "go to the Microsoft website and decipher geek talk and download stuff")
- The auto-updater can now download in the background, and then install the update after you've exited Paint.NET. Compare this to v3.36 and earlier that jump in your face and require the download and installation to happen right now, and block you from us
- New effect: Blurs -> Surface Blur, by Ed Harvey
- New effect: Distort -> Dents, by Ed Harvey
- New effect: Distort -> Crystalize, by Ed Harvey
... Read more

A:Paint.NET (Alpha) 3.50.3424.34110 Alpha

Ya beat me to it lol....

I get the FileForum RSS feed as a live BM in Fx.....

I'd spend way too much time if I listed even half the software I DL from them on a daily basis....

Read other 4 answers
RELEVANCY SCORE 46.8

Hi

I,ve always found Malwarebytes a great program for removing Antivirus Pro 2008/9

But the past couple of days I have installed Malwarebytes on 2 infected XP computers and been unable to install it. Tried safe mode, re-naming file, system restore which eventually worked on one computer once I took it back a couple of months.

I was wondering if the producers of Antivirus Pro 2009 have implemented a way to block the installation of Malwarebytes?

Anyone experienced the same?
 

Read other answers
RELEVANCY SCORE 46.8

Got the darn Antivirus IS malware today, first time ever on this laptop. I have Avira running and slipped through it, shame. Ran rkill before Malwarebyte's, no detection strangely. What do I do? Any help appreciated.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4726

Windows 6.1.7600 (Safe Mode)
Internet Explorer 8.0.7600.16385

10/1/2010 1:20:48 AM
mbam-log-2010-10-01 (01-20-48).txt

Scan type: Full scan (C:\|)
Objects scanned: 359767
Time elapsed: 1 hour(s), 10 minute(s), 37 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

A:Antivirus IS Malwarebytes log- no detection

Hello,Please follow the instructions in ==>This Guide<==. If you cannot complete a step, skip it and continue.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues and what you have done to resolve them.If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.Orange Blossom

Read other 2 answers
RELEVANCY SCORE 46.8

Is a portable antivirus enough protection with Malwarebytes Pro?..or commandline scanner etc..I would really like to get away from free av's and dont want to pay for a program and todays programs are getting so big and memory hogs

A:Is A Portable Antivirus Enough with Malwarebytes Pro?

Did you have a particular portable in mind?ClamWin Free Antivirus is useful if you want portable on a USB or Removable Drive, however, it does not include an on-access real-time scanner which means you need to manually scan a file in order to detect any malware.IMO, not having an anti-virus working in real-time in the background defeats much of its intended purpose to protect a computer. What is your objection to using a free anti-virus?

Read other 3 answers
RELEVANCY SCORE 46.8

Hi there,

I removed Antivirus 360 using Malwarebytes' Anti-Malware and its own log looked clean. Before I found this site I ran a spyhunter 3 scan which charges to remove files (probably as much of a skank as A360).

I ran spyhunter again after the Malwarebytes came up clean and it found:

Rogue.Antivirus360
Atlas DMT
DoubleClick

but charges to remove them.

The machine seems to be running ok and A360 hasn't done anything but I suspect it is a matter of time.

I've ran DDS and the log is included. If anyone could give it a look and let me know if I'm clean I'd be dead grateful. If you see any other filth or poison on there too let me know what to do.

You guys that do this rule. This is my ma's laptop and we'd be at a total loss if it wasn't for your generosity.

Log below...........

DDS (Ver_09-02-01.01) - FAT32x86
Run by tair at 8:49:50.22 on Fri 10/31/2003
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.767.453 [GMT 5:00]
============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchos... Read more

A:Antivirus 360 + Malwarebytes... Am i clean?

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for p... Read more

Read other 2 answers
RELEVANCY SCORE 46.8

Hello, May I ask if its okay to install any anti virus if you have already a malwarebytes installed already?
If no, what is the complication that will arise if I install any anti virus?

A:Is it okay to install an antivirus if there is a malwarebytes already?

There shouldn't be any great conflict from installing both. Malwarebytes is used more as a when-needed scanner, whereas a dedicated antivirus will constantly protect the system it is installed on.

I use Avira Antivirus which is free and provides excellent coverage. Others swear by such programs as AVG for a free antivirus, or one of the best paid ones is NOD32 which I did have for a year on both of my machines and as expected experienced no viruses that it could not handle

Read other 9 answers
RELEVANCY SCORE 46.8

Hi all; I have a buddy and a client who have encountered the new variant of "Antivirus 200x" called Antivirus 360. According to the info on the BP removal instructions, it says all that is needed is Malwarebytes. I had installed MB on my buddies computer to remove Antivirus 2009, which it seemed to to a great job at. Now he's got Antivirus 360, and when he opened MB to update it, it wouldn't load. I also have a client with AV360-I tried installing the latest version of MB directly from my flash drive, which normally works beautifully, but it wont install the program. I re-read the removal instructions and admit, I can have some major blindspots, but I haven't seen any reference to this problem. Do I need to go into the Registry and remove keys and listed entries first? Any suggestions? Thx!

A:ANTIVIRUS 360 Cripples Malwarebytes

Some types of malware will disable MBAM and other security tools. If MBAM will not install, try renaming it. Right-click on the mbam-setup.exe file and change the .exe extension to .bat, .com, .pif, or .scr and then double-click on it to run.

If after installation, MBAM will not run, open the Malwarebytes' Anti-Malware folder in Program Files, right-click on mbam.exe and change the .exe as noted above. Then double-click on it to run.

Read other 4 answers
RELEVANCY SCORE 46.8

My wive unknowingly tried to click the popup off and we were off to the races with Anitvirus XP 2008 at about 1:30 pm yesterday Sunday 8/24/2008 after church. I went to bed last night @ 1:45am and still did not have it all cleaned off. What amazes me is how this thing can take control of my Firefox and IE browsing pages. It will allow you to view some, but if I try to look that this website or AVG or any antivirus site that might help clean this up I get a "connection error" or it diverts me to some weird sales page or search page. On Google, it would have a search image to wanted me to click on the image for the word that I was searching for to make sure that is what I really wanted. It was not google's website for this search image but a IP address (206.161.....not home right now). When I tried to go to a Whois Lookup site to check the IP # it totally disconnected me from my networking icon (which "X"ed out) in the right hand of the system tray. This is an elaborate virus...gets major control. My question is does this Malwarebytes Anti-Malware software really clean it adequately or should I backup and reinstall my windows XP? I have a friend who is a PC repair owner and he has been backing up and reinstalling to fix this. He says he has had forty people this month who he has helped. He believes that this is getting through the antivirus and firewalls software packages because of using Firefox and by checking to allow updates in Firefox that... Read more

A:Does Malwarebytes work with AntiVirus XP

does this Malwarebytes Anti-Malware software really clean it adequatelyIn many cases it can. However, in some instances an infection may have caused so much damage to your system that it cannot be successfully cleaned or repaired. The malware may leave so many remnants behind that security tools cannot find them. In those cases, recovery is not possible and the only option is to reformat, wipe your drive clean and reinstall install the OS. I would give MBAM a try first.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself.Press the OK button to close that box and continue.If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selec... Read more

Read other 3 answers
RELEVANCY SCORE 46.8

thanks for your help, I am brand new bleepingcomputer user. I have antivirus.net and can't get rkill and malwarebytes to get rid of it. I run rkill and it seems to run but does not list any processes that it terminated. I run malwarebytes and it runs for a while then the computer just shuts down. DOne it 3-4 times now. I am running in safe mode with XP.

thanks!
gfindell

A:rkill-malwarebytes and antivirus.net

got it fixed. thanks.

Read other 1 answers
RELEVANCY SCORE 46.8

I had the Antivirus Pro 2010 virus a few weeks ago. Since removing it I've been running my antivirus software (PC-cillin) and Malwarebytes on a regular basis. It seems Malwarebytes is almost always finding something and I've been deleting the malware when it is found.
However today I was not able to run either program. And the computer seems to be very slow. I'm also getting the following error message:
tsc.exe
Instruction at 0x7e419de9 referenced memory at 0x0054dbd6. Memory can not be read.

One other note, while it seems I'm still able to go to most websites, when I tried to go to one for an organization I'm affiliated with (www.ohiovalleyemmy.org) the browser locked up. Kind of looked like it was being re-directed, but I used end task to close the browser. Since I'm an administrator for the organization I was concerned there was some sort of virus on the site, but other people have gone to the site without problems.

Any help would be greatly appreciated. Not being able to run my anti-virus software makes me nervous!

Here's my HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:01:28 PM, on 11/15/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WIND... Read more

A:Antivirus software, Malwarebytes won't run - HJT log

UPDATE:
I did a system restore to a date from last week and all seems to be working again. I did a complete system scan with Malwarebytes and with PC-cillin and both came up clean.

Late last week Malwarebytes kept finding a backdoor.bot file but that seems to be gone now.

So, I think my problem is solved.

Now to figure out what's going on with the organization's website!
 

Read other 1 answers
RELEVANCY SCORE 46.8

Windows XP service pack 3, Media center adition.
Something changes things on my computer but Malwarebytes and Norton AntiVirus dosn't see anything.
My startup list has suspicious things in it and my mouse keeps moving sporadically. My computer
freezes now and my tweaking.Com stopped working and mySystem Mechanic stopped working as well. My
search for files and folders section is now blank with no search fields just a little
yellow dog on a blue background, Help and Support Files won't open. Now today when I tried to sign up for a fishing forum
website, it wouldn't let me it said we're sorry but your IP address and/or email address has been flagged as a
source of spam.

A:Malwarebytes and Norton AntiVirus don't see anything.

Welcome aboard   System Mechanic is not recommended and I suggest you uninstall it.Registry cleaners/optimizers are not recommended for several reasons: Registry cleaners are extremely powerful applications that can damage the registry by using aggressive cleaning routines and cause your computer to become unbootable.

The Windows registry is a central repository (database) for storing configuration data, user settings and machine-dependent settings, and options for the operating system. It contains information and settings for all hardware, software, users, and preferences. Whenever a user makes changes to settings, file associations, system policies, or installed software, the changes are reflected and stored in this repository. The registry is a crucial component because it is where Windows "remembers" all this information, how it works together, how Windows boots the system and what files it uses when it does. The registry is also a vulnerable subsystem, in that relatively small changes done incorrectly can render the system inoperable. For a more detailed explanation, read Understanding The Registry.
Not all registry cleaners are created equal. There are a number of them available but they do not all work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad entry". One cleaner may find entries on your system that will not cause problems when removed, another may not find the same entries, and still another may want to remove entr... Read more

Read other 15 answers
RELEVANCY SCORE 46

I have looked on several sites and posts...tried a lot of ways to get this off, but to no avail. Can someone help please???

A:Xp Antivirus Help Please - Malwarebytes Software Not Working

Hi chuckw47,

Can you update Malwarebytes, rerun it, and post us a log. That will give us an idea of what problems exist. Thanks!

Read other 1 answers
RELEVANCY SCORE 46

Computer is infected with the antivirus IS malware, first time ever on this laptop It hijacks practically everything, won't let me open programs.Have done Malwarebytes several times (full scan after running Rkill) in safe mode with no indication of infection but it is still there in normal mode. How badly infected is it?DDS:DDS (Ver_10-03-17.01) - NTFSx86 NETWORK Run by Fuad-al Ali at 15:19:52.57 on Fri 10/01/2010Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_20Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.2940.2120 [GMT -5:00]============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\Explorer.EXEC:\Windows\system32\ctfmon.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\svchost.exe -k secsvcsC:\Use... Read more

A:Antivirus IS malware - DDS, Gmer, Malwarebytes log

Problem resolved Just updated malwarebyte's to 10/1 patch, ran rkill, ran malbyte's and cleaned. Thanks. Please close topic.

Read other 2 answers
RELEVANCY SCORE 46

I am using Malwarebytes pro along with baidu antivirus whenever avira engine starts updating Malwarebytes web shield blocks IP address which belongs to baidu saying that malicious IP address blocked why?
 

A:Malwarebytes blocking Baidu Antivirus IP

The IP address is either blacklisted or there is somehow a conflict between the two products resulting in Malwarebytes blocking it (I highly doubt this is the case and believe it's the first one). False Positives are possible but if it was blacklisted then Malwarebytes must have had a reason to do this.

You can contact Malwarebytes for support about this issue here and see what they do:
https://www.Malwarebytes.org/support/

Personally aside from this issue, I recommend against using Baidu. I recommend you use Avira Free Antivirus instead: http://www.avira.com/en/avira-free-antivirus - of course should you like Baidu and wish to keep it then feel free to do so, but my advice would be to remove it in exchange for Avira Free Antivirus.

Regardless of whether Baidu has the option to enable the Avira engine, this does not mean it will have all of the Avira detection necessarily. I think you will be better off with Avira Free (unless you wish to purchase Avira Antivirus Pro, in which if you were purchasing a product over using a Free one I would recommend a different product).

Cheers.
 

Read other 2 answers
RELEVANCY SCORE 46

Mod Edit: Moved to Antivirus Tools ~~ boopme
Hey guys, recently my laptop was brutally destroyed :3 and I never realized how bad it was intill it was gone so yesterday I ordered a new one (Specs are below) so im gonna start new this time. When I get it im gonna start downloading Windows 10 via the Media Creation Tool I am a experianced user, but not sure about this.
Will Avira AntiVirus (Paid) work with the paid versions of MalwareBytes and SuperAntiSpyware
Thanks in advance
Specs of the laptop
-------------------
Intell core i7-5500U
GTX 950M
8GB RAM
256 SOLID STATE DRIVE

A:Avira AntiVirus with MalwareBytes and SuperAntiSpyware

Hello,Avira should be compatible with Malwarebytes Premium and SAS. You can add exclusions of each program to each other just in case.

Read other 53 answers
RELEVANCY SCORE 46

Hi, first time poster, long time reader. Hope I've followed the rules so far. Thanks for all the good stuff you do. I have a friend's laptop and thought I had removed antivirus pro from it. He now has the paid version of AVG 9. I gave it back to him and the virus returned within 30 minutes. Can you please check through the attached logs and let me know if it is in fact gone and whether you would like to see any other logs ? Thanks heaps.

A:antivirus pro removed by malwarebytes and has returned

Hi, welcome to the BC Forums. My username is Raktor, and I would be glad to help you with your malware issues. I'd be grateful if you would note the following:Absence of symptoms does not always mean the computer is cleanPlease do not run any scans or fixes without my direction.Finally, stay with this topic until I give you the final 'All clear' post.Download Combofix from any of the links below. Link 1Link 2==================================Disable all antivirus and antispyware applications, then double click on ComboFix.exe & follow the prompts. When finished, it will produce a report for you. Please post the C:\ComboFix.txt so we can continue cleaning the system.

Read other 9 answers
RELEVANCY SCORE 46

Hello...I have been trying for days to remove these pop ups I have been getting. Most have been from Antispyware 2009 where it is doing a free online scan stating I have various critical spyware and trojans. Other pop ups include a series of two different IE windows opening with a constant string of tabs opening up inside them. All blank pages it seems. I have to use task manager>end task to close them. Other pop ups I have been getting come after I use google. A new tab in firefox opens up and in the address bar, in the link, it states whatever it was that I typed in my search.

As the topic states, I have tried using Malwarebytes to remove any infection I have, but the problems still persist. Any help would be greatly appreciated as I have been banging my head against the wall for days without any success.

Also, when I log in, I get a missing dll error. Says I am missing c:\windows1\system32\vatokivu.dll. I have searched and can't find any info on this.

I run Microsoft Windows xp 64, use Mozilla Firefox 3. I have tried SuperAntiSpyware, Malwarebytes, swdoctor and quite a few others. Again, any help would be greatly, greatly appreciated.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:18:06 PM, on 1/21/2009
Platform: Windows 2003 SP1 (WinNT 5.02.3790)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MD... Read more

Read other answers
RELEVANCY SCORE 46

My laptop (XP Pro) got infected with antivirus_pro_2010 last night. Since then it has disabled malware bytes, defender, spybot and hijackthis. Search engines bring up random ads for bogus antivirus software in IE and Firefox.

I ran Spyware Doctor, it found a bunch of infections and "cleaned" them, but nothing has changed.

Because I have no patience I already ran ComboFix. I have a log I can post.

Thanks,
Greg

A:Infected with Antivirus pro 2010, malwarebytes won't run

Moved from HJT to a more appropriate forum. TwComboFix is intended by its creator to be "used under the guidance and supervision of an expert", NOT for private use. Please read Combofix's Disclaimer. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.

Read other 3 answers
RELEVANCY SCORE 46

I have a windows XP computer sp-2
We have a virus (fake antivirus) program which is interrupting all our programs and has locked us out of C: prompt, taskmanager and all of the version of Rkill (rkill.pif, .com, .scr, etc). When we boot in Safe mode the virus does not load so when we run malware bytes it finds the computer to be clean. We can't even run malwarebytes from a regular boot.

I also have security essential installed.

Please help

Thanks
Neil Rubin
my email ,,, REMOVED to protect from spambots

A:Fake Antivirus - can't run Rkill or Malwarebytes

Hello and welcome. I moved this from XP to the Am I INfected forum. Reboot into Safe Mode with Networking How to enter safe mode(XP/Vista)Using the F8 MethodRestart your computer. When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu. Select the option for Safe Mode with Networking using the arrow keys. Then press enter on your keyboard to boot into Safe Mode. >>>> Download this file and doubleclick on it to run it. Allow the information to be merged with the registry.RKill....Download and Run RKillPlease download RKill by Grinler from one of the 4 links below and save it to your desktop.

Link 1
Link 2
Link 3
Link 4

Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.
Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
If nothing happens or if the tool does not run, please let me know in your next replyDo not reboot your comp... Read more

Read other 9 answers
RELEVANCY SCORE 46

Hi,

So I did the steps in the Instructions, BUT I made a mistake in the beginning, at first I started going off this post: http://www.techsupportforum.com/f100...es-359912.html - Which helped me access the internet, and so I already ran ComboFix, and only read later it could hurt a lot

Well this is what happened, I used rkill and Malware bytes to try to get rid of Antivirus 2009, that kept popping up and also saying random things were infected (like .dll file and such). And I tried manually looking for all those processes and things on my computer using another site. Anyway, my internet stopped working, IE, Firefox and Chrome - the proxy server. But I was able to bypass that with firefox because of tentonbob's advice with the other guy.

So here are my results (attached is Attach.zip which has both Attach and Ark in it, and this is the DDS report):

----

DDS (Ver_10-03-17.01) - NTFSx86
Run by adith at 12:43:38.27 on Tue 07/20/2010
Internet Explorer: 8.0.6001.18928
Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.1.1033.18.3032.1653 [GMT -5:00]

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\S... Read more

A:Malwarebytes Problem - Used to Get Rid of Antivirus 2009

Hello and Welcome to TSF.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

I need to see your ComboFix.txt log.

Go Start > Run and copy/paste the following single-line command into the Run box and click OK:

C:\ComboFix.txt

A text file should open. Please post the contents of that file in your next reply.

------------------------------------------------------

Read other 19 answers
RELEVANCY SCORE 46

Hello everyone,I'm having a really bad night! Somehow I got infected with Antivirus Soft.I tried getting rid of this by myself. I followed the directions exactly. Yet, when I ran the scan with MalwareBytes it said there were no infected files, meanwhile the popups of porn, viagra, and the damn false alerts kept coming! These are the steps I followed exactly:http://forums.malwarebytes.org/index.php?showtopic=39312Yes, I was able to update it to the latest database version but it still didn't get rid of Antivirus Soft!I could really use some help.I'm hoping someone can tell me how to get rid of this with combofix.Thank you in advance!My OS is Windows XP Home.

A:I'm infected with Antivirus Soft-MalwareBytes Did Nothing! Please Help!

Hello please run RKill.... then rerun MBAM.Please download Rkill by Grinler and save it to your desktop.Link 2Link 3Link 4Double-click on the Rkill desktop icon to run the tool.If using Vista, right-click on it and Run As Administrator.A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.If not, delete the file, then download and use the one provided in Link 2.If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.If the tool does not run from any of the links provided, please let me know.You will need to run the application again if rebooting the computer occurs along the way as the malware programs will start again.Rerun MBAM (MalwareBytes) like this:Open MBAM in normal mode and click Update tab, select Check for Updates,when doneclick Scanner tab,select Quick scan and scan (normal mode).After scan click Remove Selected, Post new scan log and Reboot into normal mode.

Read other 1 answers
RELEVANCY SCORE 46

Hello,I was without antivirus protection for about a few weeks and a trojan got on my computer. It was redirecting all my internet pages to google search, or I would see a google error code. Then, upon starting up my computer, my computer would restart to "protect itself" several times before I was able to use it. I quickly went out and bought Defender Pro 2012 and was FINALLY able to install it on my computer. After it scanned and "removed" the malicious files from my computer, it installed and said my computer was protected. However, it was still rebooting upon start. So I disabled all the unnecessary start up programs including my Dell Dock, and ran Malwarebytes. It found 2 Trojans and said I needed to restart to completely remove them. However, after restarting, they are still there.The trojan that Malware bytes NOW detects is:Trojan.Agent C\Windows\svchost.exeWould it be okay to get help running ComboFix, to see if it truly cleans my computer?Thanks so much!Oh, I have:Windows 7 Home Premium , 64 bitService Pack 1Dell Studio XPS 8000Intel Core i7 CPU 860 @ 2.8GHz 2.79GHz6.00 Gigs Ram

A:Trojan that's unaffected by Antivirus and MalwareBytes

Greetings and Welcome to The Forums!!My name is Gringo and I'll be glad to help you with your computer problems. I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of usPlease do not run any tools unless instructed to do so.
We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.
Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.
Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.
A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At... Read more

Read other 24 answers
RELEVANCY SCORE 46

** EDIT ** IT's WORKING!!! IT's WORKING!!!Not sure what's going on, but everything is back to normal now. I rebooted and, for now anyway, everything seems to be OK, so... I guess ignore everything below. Hopefully I won't have to come back to re-ignite this question... I'm a little embarrassed, but even more relieved. Sorry for the false alarm!** / EDIT **********************************I went through the processes of trying to get rid of Antivirus System Pro, but my Internet Explorer is still not working; it gets hijacked to something like http://search.hotspotshield.com/.... I was lead here to try to resolve the rest of the problem, and I've been doing my best to follow the steps to provide everything I can. Now I'm just hoping someone here will be able to help me out. To anyone who can... thank you very much in advance! I've attached Attach.txt and ark.txt. I thought I read that there was something I was supposed to zip before attaching, but now I can't find that. If I've forgotten something, I apologize.Here is my DDS log:DDS (Ver_09-12-01.01) - NTFSx86 Run by Administrator at 18:39:15.78 on Tue 01/19/2010Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_16Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1014.91 [GMT -7:00]============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchSVCHOST.EXEC:\WINDOWS\System3... Read more

A:Removing Antivirus System Pro w/ Malwarebytes

Hello.Since the problem appears to be resolved, this topic is now Closed.If you need this topic reopened, please Send Me a Message. In your message please include the address of this thread in your request.This applies only to the original topic starterEveryone else please start a new topic.With Regards,Extremeboy

Read other 1 answers
RELEVANCY SCORE 46

Hello,

Suddenly my computer started getting a popup saying that my computer was being attacked. When I clicked "Yes" to block the attack, I was taken to a fake "AV" Antivirus website asking me to purchase this in order to remove the spyware.

Also, it will not allow me to run MalwareBytes - has a message saying "file infected". Can't run AVG antivirus or AdAware either or the Chrome web browser.

I tried to run HiJackThis and I got the same message saying "Cannot open - file infected".

The specific message of the antivirus is:

"Antivirus Software Alert -
Your computer is being attacked by an internet virus. It could be a password-stealing attack, a trojan - dropper or similar.
Details: Attack from: <various IPs that change>
Do you want to block this attack? Yes or No"

I cannot run programs that would allow me to take screenshots either - sorry I cannot provide these.

How do I get rid of this???

Here is my system info:

Windows Vista Home
Pentium Dual core cpu T4200 @ 2GHz
3 GB RAM
32 Bit

Thanks in advance.

A:AV Fake Antivirus Popup / Can't run MalwareBytes

Try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then boot into Safe Mode and double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.

Read other 1 answers
RELEVANCY SCORE 46

My computer got attacked by the Antivirus.net virus tonight. I got into the task manager, found the process that didn't belong and shut it down. Fixed my proxy settings to get the internet working again. After a google search confirmed what I knew to be a virus, I downloaded Malwarebytes Anti-Malware and ran the scan. It detected the program and I had it remove it. At that point it told me I needed to restart to complete the removal. It shut down slowly but properly, but when it came back I never got any Windows startup screens, it gets through the ide drive scan then I get a black screen with just the LCD backlight on. I hit F8 on the next restart and got to the safe mode screen but safe mode and last known good configuration both just return the same black screen.

Don't have any logs I can post due to the impromptu lack of being able to get windows to start.

Any advice on how to get this up and running again? If it helps, its an ASUS motherboard, Intel processor, WD hard drive running Windows XP with Avast/AdAware/Spybot as my antivirus/security setup. The system and software are almost 7 years old, last Windows reinstall maybe 4 years ago when I put the new motherboard in. Ran like a champ until tonight. If not possible to recover the entire system, I would as a minimum like to attempt data recovery, it is a 200GB drive last backed up 3-4 months ago so I'd lose a fair amount of data from the past few months.

A:Malwarebytes/ antivirus.net related crash

Hello, and welcome to BleepingComputer!Try this please. You will need a USB drive.Download GETxPUD.exe to the desktop of your clean computerRun GETxPUD.exeA new folder will appear on the desktop.Open the GETxPUD folder and click on the get&burn.batThe program will download xpud_0.9.2.iso, and upon finished will open BurnCDCC ready to burn the image.Click on Start and follow the prompts to burn the image to a CD.Remove the USB & CD and insert it in the sick computerBoot the Sick computer with the CD you just burnedThe computer must be set to boot from the CDGently tap F12 and choose to boot from the CDFollow the promptsA Welcome to xPUD screen will appearPress FileExpand mntsda1,2...usually corresponds to your HDDsdb1 is likely your USBClick on the folder that represents your USB drive (sdb1 ?)Press Tool at the topChoose Open TerminalType the following and press enter:

dd if=/dev/sda of=mbr.bin bs=512 count=1

Press EnterAfter it has finished a file will be located on your USB drive named mbr.binRemove the USB drive and insert it back in your working computer and navigate to mbr.bin, zip it up and attach it to your next reply.This will allow me to have a look at the MasterBootRecord of your drive and see if it is infected.

Read other 2 answers
RELEVANCY SCORE 46

Ello'.
I've been trying to fight off a fury of viruses that managed to infect my pc, but this one won't seem to budge. It's one of those fake antivirus programs that continually clogs up my system and pops up an obnoxious amount of times with prompts and warnings. :/ As you can guess I'd prefer get rid of it.
As I've mentioned, Malwarebyes antimalware won't run, and is replaced by the program's own fake scanners and such the like.

I've already used SUPERantispyware to do some of the cleanup, but it's not picking up any other threats.
So, a little help?
I've had trouble with Trojan.Vundo in the past, and I was sure I cleaned my system back then. Not sure if this is any trace of it, though.
And...my apologies for not being the most computer savvy, easy to understand terms would be most helpful and welcomed. Thank you!
Here's my Hijack this log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:25:07 AM, on 3/9/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16981)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\... Read more

A:Removing Antivirus 2010, Malwarebytes won't run

Ah, I forgot to mention.
Not sure if this is related to the current problem, but I was using Google Chrome as a browser before this entire mess started. I was receiving quite a few redirects when searching with google, having it lead to various unrelated ad pages each time I searched and whatnot.
However, the browser has stopped functioning all together, the white loading page failing to load and the program giving me a command to 'kill' the pages.
Switched over to firefox, as it's the only working browser on this machine.
No other computers on the network appear to be having this problem, including the virus. >>;

Thanks in advanced for any help you are willing to provide~! C:
 

Read other 2 answers