Over 1 million tech questions and answers.

Rogue security product claims to be Microsoft Security Essentials - Oct 22, 2010

Q: Rogue security product claims to be Microsoft Security Essentials - Oct 22, 2010

Rogue security product claims to be Microsoft Security Essentials.

F-secure reports:
This malware is distributed via drive-by-download attacks as hotfix.exe or mstsc.exe (md5: 0a2582f71b1aab672ada496074f9ce46).Click to expand...

-- Tom

RELEVANCY SCORE 200
Preferred Solution: Rogue security product claims to be Microsoft Security Essentials - Oct 22, 2010

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: Rogue security product claims to be Microsoft Security Essentials - Oct 22, 2010

Thanks for sharing.

Read other 2 answers
RELEVANCY SCORE 112

I seem to be in a tiny handful of people who have caught the ridiculously annoying rogue virus that titles itself with Microsoft Security Essentials. Characteristics of the virus include recommending other 'anti-virus software' that are all recolors of the same thing. This is the most annoying virus I've ever come across. Every program I try to open the virus instantly shuts down and requests a security scan. In safe mode the virus still persists and when I switch to the other user on my PC it sometimes shows just a background. Even when I try accessing the registry from the Run option it pops up. I have never used the registry to manually delete a virus, but even if I wanted to I could not. I did however get the registry to randomly work last week, and tried my best to find the file there. Used the registry name I saw on multiple websites last week but I failed.

I deleted all the antivirus software except Malwarebytes since it's always been successful with viruses I've happened to get on my computer. Not this one. Malwarebytes can't even find it. I've even tried iexplore.exe and the virus instantly shuts it down. Tried renaming iexplore and it still instantly shuts it down. Can't access any internet browser. I can get into My Computer and Control Panel.

I could not get the dds unfortunately since the virus shut it down. I did get GMER to work.

I appreciate all help and effort.

A:Microsoft Security Essentials Rogue Virus Help!

Hello -

Try using this version of DDS.

http://download.bleepingcomputer.com/sUBs/dds.com

If need be, try running it in Safe Mode. Normal Mode is preferable though.

Restart your computer and boot into Safe Mode by tapping the F8 key repeatedly until a menu shows up (and choose Safe Mode from the list). In some systems, this may be the F5 key, so try that if F8 doesn't work. Login on your usual account. Make sure to close any open browsers.

---------------------------------------------------------------------------------------------

If DDS still won't run, try this tool:

Download RSIT by random/random and save it to your desktop.
Double click RSIT.exe to start the tool and click Continue at the disclaimer.
When the scan completes it will open a log named log.txt maximized, and a log named info.txt minimized.
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of log.txt here.
Please attach info.txt to your post.
To attach a file to a new post, simplyClick the[Manage Attachments] button under Additional Options > Attach Files on the post composition page, and
copy and paste the following into the "Upload File from your Computer" box:C:\rsit\info.txt

Click Upload.



---------------------------------------------------------------------------------------------

Read other 19 answers
RELEVANCY SCORE 104.4

Microsoft has aggressively promoted Security Essentials until not a long time ago, saying that it provides at least similar protection as any other anti-virus product, including rival software from Kaspersky, ESET, Symantec, or Bitdefender.

Holly Stewart, senior program manager of the Microsoft Malware Protection Center, admitted in an interview with Dennis Technology Labs, a company that performs anti-virus tests on a regular basis, that Security Essentials is indeed designed to remain ?at the bottom? of all rankings, so users should really install third-party protection.

The surprising statements are actually supposed to show that Microsoft is trying to work with partners and security companies across the world as much as possible, with Security Essentials holding a key role in this collaboration.

The tech giant is keeping Security Essentials fully updated in order to provide the protection users need, so any other piece of software that achieves better results than this one is clearly capable of providing advanced security features.

"We had an epiphany a few years ago, back in 2011, where we realised we had a greater calling and that was to protect all Microsoft customers," Steward was quoted as saying by PC Pro. "But you can?t do that with a monoculture and you can?t do that with a malware-catching ecosystem that is not robust and diverse."

The Microsoft rep admitted, however, that Redmond previously invested a lot of money t... Read more

A:Microsoft Admits That Security Essentials Is Just a Basic Anti-Virus Product

I read a comment of member in malwaretips about "why they consider MSE as a baseline." so i think it is crystal clear now.
 

Read other 8 answers
RELEVANCY SCORE 104.4

A screen appears...(lower right)...warning me that an attempt has been made on my pc....microsoft security essentialls recommends removal...the threat is classed as severe(topic title is shown).......i click on "more details"...and it shows the location....
C:\doc and settings.hp_admin\localcettings|applicationdata|mozilla\firefox\profiles\smtn1fh8.default\cache\d65a67a9d01-7(swc)

I allowed MSE to remove it.
I then ran MSE ...full scan....jus to check. All good
I then looked in MSE's history, to try and further identify it.....there is no record of it there....not in quarantined, or in
"all detected items"
I feel I may have been conned !...
also ran malwarebytes.....zip
DDS (Ver_10-12-12.02) - NTFSx86
Run by HP_Administrator at 18:07:12.70 on Mon 13/12/2010
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_22
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3582.2516 [GMT 11:00]

AV: Microsoft Security Essentials *Enabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}

============== Running Processes ===============

C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\sp... Read more

A:Exploit:swf/cve-2010-2884.c Microsoft Security essentials....

Hello and welcome to Bleeping ComputerI'm judicandus and I'll be helping you out.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process. Please also continue to work with me until I give you the all clear. Even if your computer appears to act better, you may still be infected.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.Once we start working together, please reply back within 3 days or this thread may be closed so we can help others who are waiting.Please post a DDS log and Gmer log. For instructions please read this post:http://www.bleepingcomputer.com/forums/topic34773.html

Read other 2 answers
RELEVANCY SCORE 102

I got sucked in at 2am the other day. Now have been infected with the Microsoft Security Essentials Alert malware and rootkit. Actually fell for one of the "online scan" prompts and now have something called AntiVirus 2010 on machine.Tried all the suggested removal steps. This version of the infection has squashed all attempts to run rkill or the other named versions. Tried running after booting safe mode but rkill found nothing. Did manage to install and run current Malwarebytes antimalware but it didn't find anything. My Avira did appear to find a couple bad files which I quarantined but no help there either. Pretty much stuck at this point. Am requesting help. I have run the recommended programs and will include and attach the requested files here as instructed.Thanks for any help. I have spent a whole day so far trying to clean my computer and I'm pretty stuck at this point. JimHDDS (Ver_10-03-17.01) - NTFSx86 Run by Jim at 14:03:32.50 on Thu 09/16/2010Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_13Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.263 [GMT -7:00]AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\Program Files\Sandboxie\SbieSvc.exeC:\WINDOWS\system32\svchos... Read more

A:Infected with fake Microsoft Security Essentials Alert and AntiVirus 2010

Hello hawleyj ,Sorry for the delay. If you still need help, please post a new DDS/HijackThis log and I'll be happy to look at it. Thanks,tea

Read other 2 answers
RELEVANCY SCORE 95.6

Following on from http://www.bleepingcomputer.com/forums/ind...p;#entry1928024. C:\Windows\Temp\reoD7D.tmp (Rootkit.Dropper) shown by MBAM, along with some trojan results. I think the trojans have gone after telling MBAM to remove them, but apparently the rootkit is still there.GMER crashed a few times and caused some blue screens, managed to get it to finish eventually but only in safe mode.Thanks for any help.DDS (Ver_10-03-17.01) - NTFSx86 NETWORK Run by Andy at 22:00:20.77 on 15/09/2010Internet Explorer: 7.0.6000.17037 BrowserJavaVersion: 1.6.0_06Microsoft? Windows Vista? Home Premium 6.0.6000.0.1252.44.1033.18.2046.1357 [GMT 1:00]AV: McAfee VirusScan Enterprise *On-access scanning enabled* (Updated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k secsvcsC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe ... Read more

A:Trying to recover from rootkit , Security Suite and Fake Microsoft Security Essentials

Hello and welcome to Bleeping Computer! We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open wit... Read more

Read other 2 answers
RELEVANCY SCORE 95.6

Problems:While googling it redirects me to sites - "http://directagain.net/in.php?source=7777&q=&suid=1101&rnd=3xz%2B1mgzFz9AZ7RtJ0%2Bx2w%3D%3D"and"http://www.ihavenet.com/?search=&n=1355828587"(there are some more redirections, but at the moment these are the most frequent)After copying "http://www.ihavenet.com/" from address bar or search bar it pastes "google.com" (I'm using Firefox atm).Bigger problems:Microsoft Security Essentials starts only for the moment on the boot-up and after that is gone.I can't turn on Windows Security Center Service.I tried:Starting WSCS from services.msc and setting it to "Automatic (Delayed)" and after restarting PC..same.Reinstalling MSE didn't work.I used CCleaner. And please tell me is cleanpcguide.com valid site?Did the scan with AdwCleaner and deleted all the threats.Did the scan with Malwarebytes Anti-Malware and deleted all the threats.Did the scan with TDSSKiller and deleted all the threats.I've made "Windows Defender Offline" Bootable USB and did the scan. It only found keygen that I've never used. Deleted it.I did a little "house cleaning" (nice, yeah) but the problem is still there!If someone have an idea what's the problem, please help. Thanks in advance.Sorry for this big post, and I appreciate for you time.

A:Can't turn on Windows Security Center Service, Microsoft Security Essentials is also off

[delete this post]

Read other 21 answers
RELEVANCY SCORE 95.2

Hello guys (and girls),I don't give up very easy, that's not really my thing.But this here, is really out of my league.I feel like giving up at this point and leave the Digital Western World to go live in a cave.I am trying over a week now to get rid of Microsoft Security Essentials.I even suspect that there are two different Trojans/Programs running (Security Tool & Microsoft Security Essentials.I think I really tried everything. Running Rkill.exe to stop processes. Ran malwarebytes at least 50 times, threw the outcome away, but it will pop up right after restart. Ran Spybot S&D, threw stuff out of the registry. Nothing seems to help What the programs do is that everthing is considered a virus by one of them (MSE/ST), the Pop-up will say: "firefox.exe is a virus", ctrl+alt+delete+ a virus, etc;* Websites as: Trendmicro Housecall and SuperAntiSpyware are being bloked;* Programs like Ad-Aware and TweakXp are impossible to install;I read a lot of post from people that said that after they ran MalwareBytes, everything was nice and clean again... IMPOSSIBLE! It keeps on popping up, no matter what I throw away. I really am out of possibilities right now.I really am thinking about ditching my laptop (even though I am very attached to it).Especially when I read some scary stuff.When I tried to run Combofix.exe (without helper, figured I have nothing to lose) the .exe removed itself from my desktop saying:"maybe you have some sort of Virut-Virus?&... Read more

A:Microsoft Security Essentials / Security Tool = Mission Impossible!

have you tried Superfreeantispyware you can get it at download.com.when scan is finished and you press next (eg 57 items found)make sure all boxes are ticked.

Read other 20 answers
RELEVANCY SCORE 94.4

Is the above enough security or should I be going for an anti-virus program as well?

A:Is Microsoft Security Essentials and Windows Firewall enough Security?

MSE is fine.
If you need extra security, Malware Bytes works well with MSE.

Read other 9 answers
RELEVANCY SCORE 93.2

This is my final attempt to get help before reformatting the drive, which will really harm my small business since I have many essential programs running on my computer. PLEASE HELP, as I have been ignored at another forum, and could not get any help and desperately need it.My computer was recently infected with Security Essential Rogue Spyware Software, that included Antimalware Doctor. With it came a variety of nasty Malware.I ran Avast, MalwareBytes and BitDefender which had cleaned up several Trojans that were created from that infection and I also was able to remove Security Essentials and Antimalware Doctor programs using rkill to stop the process and deleting the exe files. The pop ups that kept coming from Security Essentials and Antimalware Doctor have stopped and I think that program has been eradicated, But, I am still badly infected with something that neither Avast. MalwareBytes nor Bitdefender is detecting, all scans are running clean, BUT, I am still having major issues. Symptoms: The main problem now is that when I surf the web, I am getting redirected to bad sites, when I click on websites from Google search result pages, when I click on them, especially anything related to Malware removal, I am redirected to some phishing, attack or advertising sites. A virus seems to be blocking Windows Update from running, or from me even accessing that website itself, all I am getting is an error page. Also, I tried to download Spybot and Comodo Firewall and that is bei... Read more

A:PLEASE HELP!!! Infected From Rogue Software - Security Essentials

Hello and and Welcome to BleepingcomputerPlease note we are very busy, so if I don't hear from you within 5 days the topic will be closed, If you have since resolved your issues I would appreciate if you would let me no so I can close this topic,We need to create an OTL ReportPlease download OTL from one of the following mirrors:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Under the Custom Scans/Fixes box at the bottom, paste in the following bold text.%systemroot%\system32\*.dll /lockedfiles%systemroot%\Tasks\*.job /lockedfiles%SYSTEMDRIVE%\*.exenetsvcsmsconfig/md5startproquota.exeeventlog.dllscecli.dllnetlogon.dllcngaudit.dllsceclt.dllntelogon.dlllogevent.dlliaStor.sysnvstor.sysatapi.sysIdeChnDr.sysviasraid.sysAGP440.sysvaxscsi.sysnvatabus.sysviamraid.sysnvata.sysnvgts.sysiastorv.sysViPrt.sys/md5stopCREATERESTOREPOINTPush the button.Two reports will open, copy and paste them in a reply here:OTL.txt <-- Will be openedExtra.txt <-- Will be minimizedThanks

Read other 22 answers
RELEVANCY SCORE 92.4

Which is better? I have AVG 9 til 2018, full version, but I'm considering MSE. Which is better? Which do you use?

A:AVG 9 Internet Security v Microsoft Security Essentials

If it's working for you, it doesn't matter too much what everyone uses

Personally I use MSE as on access, with MBAM and Hitman Pro for on demand.
AV comparatives has some good info...

Read other 8 answers
RELEVANCY SCORE 92

Hi
 
I wonder if you would be good enough to look into a possible infection with Rogue:JS/FakeCall.D
 
Running MS security essential scans and then, after a brief pause at svchost, flags up
 
"preliminary scan results show that malicious or potentially unwanted software might exist on your system. You can review detected items when the scan has completed"
 
then it continues running and ends with no history and no items to be removed or quarantined. It doesn't finish properly in my view because it doesn't state"no infected items"
One time only it found Rogue:JS/FakeCall.D allowed me to remove it but when another scan is run the same message and behaviour repeats.
MBAM is clean as are various stand alone scanners such as ESET online scanner.
Please could you have a look at the log and maybe its a false positive (fingers crossed).
 
​PC no odd behaviour I can find maybe browsing hangs now and then.
 
Many thanks in advance.
 
 
Jim
 
 
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2016
Ran by Admin (administrator) on ADMIN-PC (13-06-2016 23:20:16)
Running from F:\Downloads
Loaded Profiles: Admin (Available Profiles: Admin & Guest)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic... Read more

A:MS Security essentials partial recognition of Rogue:JS/FakeCall.D

Hello eldoctore and Welcome to the BleepingComputer.  
 
My name is Yılmaz and I'll help you with the cleanup of malware from your computer.
Before we move on, please read the following points carefully.
Please complete all steps in the specified order.
Even if tools don't find malware, I want you to post the logfiles anyway.
Please copy and paste the logfiles directly into your posts. Please do not attach them unless you are instructed to do so.
Read the instructions carefully. If you have problems, stop what you  were doing and describe the problems you encountered as precisely as  you can.
Don't install or uninstall software during the cleanup unless you are told to do so.
Ensure your external and/or USB drives are inserted during always the scan.
If you can't answer for the next few days, please let me know. If  you haven't answered within 5 days, I am assuming that you don't need  help anymore and your topic will be closed.
If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now!
I can not guarantee that we will find and be able to remove all  malware. The cleaning process is not instant. Please continue to review  my answers until I tell you that your computer is clean
Please reply to this thread. Do not start a new topic
As my first language is not English, please do not use slang or idioms. It could be hard for me to understand.
Please open as administrator  the c... Read more

Read other 0 answers
RELEVANCY SCORE 90

I was infected with the Security Essentials Rogue Spyware Remover and with it came a variety of Trojans and I suspect a Worm and Rootkits. I was able to use a Processor Killer to stop these from running, and then I deleted the exe files from the system, which stopped the constant pop ups and fake virus alerts on my desktop. I then ran MalwareBytes that detected two more Trojans that it had removed (supposedly)

I then ran a ful Avast scan, and was getting over 15 Rootkit and Virus alerts, many of which were various files such as these:
C:\System Volume Information\_restore{29718263-2E3D-4777-88DC-670F0D1D9EE0}\RP381\A0045419.exe - There were about 15 different ones with different file names. When I googled the file extension, such as A0045419.exe, I found that these are indeed rootkits or worms.

Sending them to virus chest in Avast does not seem to be working. I also notice in the HijackThis log that is posted below that while I thought I had deleted all traces of Security Essentials, and am NO longer getting those pop ups to buy the software or virus alerts from it, seems to still be running on my system. - THANK YOU!

UPDATE: When I surf the web, and especially look into comp virus or security items, I am getting redirected to different pages than what is shown in Google search results and different than what I actually searched for.

UPDATE 2: Ran Avast again, and it find a rootkit -Win32-Rootkit-gen[Rtk] -successfully moved to chest.

BUT, there is still infection, the ... Read more

A:Security Essentials Rogue Spyware Remover - Caused Rootkits and Torjans

Still anxiously waiting for help, cannot use my computer until this is resolved.
 

Read other 1 answers
RELEVANCY SCORE 88.4

Hi all first timer,Need some help..Coimputer running xp pro has been infected...Running AVG..but didn't remove...Installed reatogo-x-pe to recover or ensure still had files...have OPLPE notepad txt..What do I do now?Mapes

A:security essentials 2010

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen. Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you let... Read more

Read other 2 answers
RELEVANCY SCORE 88.4

I am posting these logs here as instructed by "boopme". Topic referenced is here: http://www.bleepingcomputer.com/forums/t/297225/security-essentials-2010-help/ ~ OBI have gone through the removal steps to remove Security Essentials 2010, and the computer is mostly back to normal. Now I get random IE windows opening up to various search engines and I am unable to install XP SP3 with the following error message:"The file c:\windows\system32\SERVICES.EXE is in use by another application". I need help finding the last remnants of this infection.Thanks.DDS Log:DDS (Ver_09-12-01.01) - FAT32x86 Run by Ellis at 16:42:41.17 on Tue 02/23/2010Internet Explorer: 8.0.6001.18702Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1014.366 [GMT -5:00]AV: AntiVir Desktop *On-access scanning disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchC:\WINDOWS\system32\svchost -k rpcssC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exe -k netsvcsC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\WINDOWS\system32\svchost.exe -k NetworkServiceC:\WINDOWS\system32\svchost.exe -k LocalServiceC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Avira\AntiVir Desktop\sched.exeC:\WINDOWS\system32\svchost.exe -k LocalServiceC:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIA.EXEC:\Program Files\Java\jre1.5.0_11\bin\jusched.exeC:\Progr... Read more

A:Security Essentials 2010

Hello,My name is Syler and I will be helping you to solve your Malware issues.We need to create an OTL ReportPlease download OTL from one of the following mirrors:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Under the Custom Scans/Fixes box at the bottom, paste in the following bold text.%systemroot%\system32\*.dll /lockedfiles%systemroot%\Tasks\*.job /lockedfiles%SYSTEMDRIVE%\*.exenetsvcsmsconfig/md5startproquota.exeeventlog.dllscecli.dllnetlogon.dllcngaudit.dllsceclt.dllntelogon.dlllogevent.dlliaStor.sysnvstor.sysatapi.sysIdeChnDr.sysviasraid.sysAGP440.sysvaxscsi.sysnvatabus.sysviamraid.sysnvata.sysnvgts.sysiastorv.sysViPrt.sys/md5stopCREATERESTOREPOINTPush the button.Two reports will open, copy and paste them in a reply here:OTL.txt <-- Will be openedExtra.txt <-- Will be minimized

Read other 28 answers
RELEVANCY SCORE 88.4

hi everyone

im sooo glad i found this forum, please help me!

I have somehow managed to get security essentials 2010 on my pc and its saying i have a virus and change my desktop image and everything. i have searched online about how to fix it but everything they have suggested doesnt work.

they suggest that i try and delete the process from task manager but i cannot get to task manager since "the file is infected" the same with the registry which they suggest i use to delete the files

dont know what to do and really need my pc. at the mo i am running a full system scan with my anti virus software but apart from that i have no idea what to do.

any suggestions on how to stop it without having to download more stuff?

thanks in advance

A:Security Essentials 2010 HELP!!!

Hello,There is a removal guide for this infection here: http://www.bleepingcomputer.com/virus-remo...essentials-2010Orange Blossom

Read other 4 answers
RELEVANCY SCORE 88.4

Please go to the attached link for more information;

Security Essentials 2010 Is Not MSE. Don?t be misled. - Windows 7 Forums

Thanks to our member JMH for alerting us to this

A:Security Essentials 2010, IS NOT MSE

Thanks for sharing, and congratulations on the new badge .

Richard

Read other 1 answers
RELEVANCY SCORE 88.4

I have been tryin to clean up a friend's machine that got infected with Security Essentials 2010. After running SuperAntiSpyware, MalwareBytes, Avira Antivirus most issues appear to be resolved. I still get occasional Browser redirects (Appears to be completely random), but usually the browser work like it should. Windows SP3 install fails with message - "The file c:\windows\system32\services.exe is in use by another application". Please help, if possible. I can post HJT logs if needed.

A:Security Essentials 2010 Help.

Hi, please run thru the guide here and see if things are better.Remove Security Essentials 2010 (Uninstall Guide)Post the scan log when done..Please download GMER from one of the following locations and save it to your desktop:Main Mirror
This version will download a randomly named file (Recommended)Zipped Mirror
This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.Disconnect from the Internet and close all running programs.Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.
GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.Now click the Scan button. If you see a rootkit warning window, click OK.When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.Click the Copy button and paste the results into your next reply.Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.-- If you... Read more

Read other 5 answers
RELEVANCY SCORE 88.4

Hello,upon starting my computer security essentials basically takes over rendering it useless. I am unable to do anything. I found a program that will stop it from running (rkill) but it is still on my computer and i must do this every time I restart. I also have a new wireless adapter that wont stay connected to the internet for more than a minute, so I'm hoping that resolving the first issue will help resolve this one too.(not related to the issue, was installed long after I was having these issues and after i installed and used rkill) Thank you in advance for your time.DDS (Ver_10-03-17.01) - NTFSx86 Run by Zack's Account at 18:12:53.98 on Mon 05/17/2010Internet Explorer: 7.0.5730.13Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.684 [GMT -7:00]============== Running Processes ===============C:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\Program Files\Lavasoft\Ad-Aware\aawservice.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\ctfmon.exeC:\WINDOWS\system32\spoolsv.exesvchost.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\explorer.exeC:\WINDOWS\system32\svchost.exe -k imgsvcC:\Program Files\Viewpoint\Common\ViewpointService.exeC:\Program Files\Viewpoint... Read more

A:security essentials 2010 (and maybe more?)

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. HijackThis logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that it happens. Somethings to remember while we are working together.1.Please do not run any other tool untill instructed to do so!2.Please reply to this thread, do not start another!3.Please tell me about any problems that have occurred during the fix.4.Please tell me of any other symptoms you may be having as these can help also.5.Please try as much as possible not to run anything while executing a fix.If you follow these instructions, everything should go smoothly.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.After you have run RKill do not reboot the machine till after you run this tool.Run Combofix:Please visit this webpage for download links, and instructions for running the tool: http://www.bleepingcomputer.com/combofix/how-to-use-combofixPlease ensure you read this guide carefully and install the Recovery Console first. The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows u... Read more

Read other 6 answers
RELEVANCY SCORE 87.6

My computer has been infected with this spyware. The computer tech that I work with recommended your combofix program to detect and remove. He told me to follow the instructions closely. Do you have any further recommendations before I run your program tonight. DaveEdit: Moved from XP to the more appropriate forum ~ Animal

A:Internet security 2010 rogue antiivrus

Please read this topic first:http://www.bleepingcomputer.com/forums/ind...amp;hl=combofix

Read other 2 answers
RELEVANCY SCORE 87.2

My husband was downloading music, turned his back on the computer and when he turned back we had the blue screen telling us we had netsky worm. I tried to turn off system restore but that is gone and I get an error message. I went into safe mode and ran the fxnetsky.exe. After it finished it said there was no infection. I went back to my regular screen and it keeps giving me error message popups saying I'm infected, Critical Warning. It's wanting me to buy Security Esssentials 2010 and has created a desktop icon for SE 2010. I still have no system restore and am still getting error messages constantly telling me of the infection. What do I need to do? We have a dell desktop and use windows xp.

I posted on another board trying to get help and they asked me to download OTL and run it then post logs...... did that....then they asked me to run a custom scan fix with OTL using commands they gave me.....did that but I was unable to post the log from that because it did not create one. Then they asked me to run combo fix, but to turn off my antivirus first. That's where I'm stuck .... I can turn off the real time, but am unable to turn off the protection against virus and spyware. I asked them if I could proceed with the combo fix....that was yesterday I can't get a response, and have asked again for help. I would really like to rid my computer of the virus. What do I do?

Angelique

A:Security Essentials 2010 virus

Hello please try this first..Follow the Automated Removal Instructions for Security Essentials 2010 using Malwarebytes' Anti-Malware:from our guide here -->> Remove Security Essentials 2010 (Uninstall Guide)Please post the scan log and let me know how it is.

Read other 1 answers
RELEVANCY SCORE 87.2

Hello!I am running Windows XP.I think I am infected with Security Essentials 2010.Here's what immediately pops up every single time I restart the computer:After the countdown and clicking the left hand button, this comes up:and then:While I am on the computer, Firefox sort of works . . . I am infected with a redirect virus but I'm not worried about that right now . . . an old Netscape browser works just fine..Exe programs will not work. This is very troublesome.Each time I try to open one, I get a window like this:Other warnings that pop up are all of these:**** 1 of those 9 pops up on average approximately once a minute.Sometimes 2 or 3 pop up at the exact same time.Over the course of 1 hour, that's 60-70 pop ups that need to be closed.A couple of them, when working in Normal Mode, are accompanied by a loud pig-kind of squeal sound.I have run 4 different programs approximately 6 - 8 times each:Norman Malware CleanerSUPERAntiSpywareMalwarebytes' Anti-MalwareAVGI've run them in Normal Mode and in Safe Mode with Networking. Nothing has worked. A couple of times, Norman Malware Cleaner somehow got Security Essentials to not be able to work. I could then use .Exe programs. Unfortunately that fix was not permanent and now if I run Norman again, there will be no effect . . . like with all the other programs.After running Malwarebytes' Anti-Malware, it showed SecurityEssentials2010 and it was "eliminated." But it wasn't -- upon reboot... Read more

A:Security Essentials 2010 -- Cannot Remove!

Down RKill and save it to your desktop.

http://download.bleepingcomputer.com/grinler/iExplore.exe

Note that this programme has been named as iExplore.exe so malware will not target it.

Once it is downloaded, double-click on the iExplore.exe icon in order to automatically attempt to stop any processes associated with the malware. Please be patient while the program looks for various malware programs and ends them. When it has finished, the black window will automatically close and you can continue with the next step. If you get a message that RKill is an infection, do not be concerned. This message is just a fake warning given by Security Solution 2011 when it terminates programs that may potentially remove it. If you run into these infections warnings that close RKill, a trick is to leave the warning on the screen and then run RKill again. By not closing the warning, this typically will allow you to bypass the malware trying to protect itself so that rkill can terminate Security Solution 2011 . So, please try running RKill until the malware is no longer running.

Then immediately run a quick scan with Malwarebytes and post the log.

Read other 1 answers
RELEVANCY SCORE 86.8

Can't seem to get rid of AntiVirus Studio 2010


DDS (Ver_10-11-10.01) - NTFS_AMD64
Run by loriables29 at 16:52:41.88 on Sun 11/14/2010
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.1787.871 [GMT -8:00]

SP: Spybot - Search and Destroy *enabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.e... Read more

A:AntiVirus Studio 2010 rogue security software

Hello and welcome to Bleeping Computer! We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open wit... Read more

Read other 2 answers
RELEVANCY SCORE 86.4

This is not the legitimate Microsoft Security Essentials program.

You can read about it here.

Here is a screenshot of the fake trojan program.

------------------------------------------------------------
 

A:Warning! SECURITY ESSENTIALS 2010 Is A Trojan

Read other 7 answers
RELEVANCY SCORE 86.4

my computer has been infected by the malware security essentials 2010. It has infected my computer with rogue;w32/xp,virus.win32,nuker.win l6.bi...,riskware win32,trojan(dropper,download,clicker,spy,and W32), fraud tool.win3,exploit.html.a,worm:w32/del...,adware:w32/G and email worm B.A... Some one please help with a solution. this malware wont allow me to install any other anti-virus,so i dont know how to get rid of it....THANKS

A:removal request for security essentials 2010

Remove Security Essentials 2010 (Uninstall Guide)http://www.bleepingcomputer.com/virus-remo...essentials-2010

Read other 2 answers
RELEVANCY SCORE 86.4

Ok, so last week I got that Paladin fake anti-virus thing, I used the guides and got rid of it. Or at least I think I did as no more problems associated with it happened.

Now, just last night from a photoshop tutorials site I got this new Security Essentials one. So again I follow the guide here, malwareb, rkill.com etc. I then use hijackthis to remove some of the entries and finally CrapCleaner to clear temporary files and what not. Then I deleted the folders in the 'program files' associated with Security Essentials, and noticed there was still one on the C:drive left over from Paladin, phook.dll it was called. So I deleted all those, and restarted XP.

The computer now gets to the final loading screen, and reboots. I start in safe mode, reboots. Start in last config that works, reboots. Not one choice will allow me to fully login.

Any ideas of what I can do?

thanks

A:Removed Security Essentials 2010, now xp just keeps rebooting

Ok, I have taken care of this. I couldn't get any hlep with this subject on multiple forums. So luckily my most important files were backed up, and now I have bought a mac. Too many years of dealing with windows problems and lackluster help on any forum.

I have no illusions the mac will be problem free, but much better support.

Read other 1 answers
RELEVANCY SCORE 86.4

A couple weeks ago I got the Security Essentials virus that installed that program, plus a few other rouge scanners. I got that via the lovely pdf exploit. Anyway, after scanning multiple times with Malaware Bytes, finally removed that problem. Or so I thought. I still get the occasional popup about how I have 50+ viruses and need to purchase this program to fix it. So that problem is still active.

Next problem. Today I was just chillin playin some cod 4 (mw2 blows) and I get an IM. I look at my computer and this is the IM I got:

aH0tUnicorn 6:45 pm
(6:45:10 PM): this new apple ipad is so awesome you can get one too just by entering here hxxp://tinyurl.com/appleipadentry

I told him to shush because I had gotten that same message last night from someone else. The next IM I get from him says:

aH0tUnicorn 6:47 pm
(6:47:31 PM): i didnt send u anything
(6:47:33 PM): ??
And after showing him the message

aH0tUnicorn 6:48 pm
(6:48:08 PM): i didnt send that wtf?

I noticed a few minutes later, after googling something I go redirected to some site advertising the iPad. (lol @ it having the word Pad in it). I was scanning with malaware bytes and it showed nothing. Then a friend directed me to here. so yeah thats about it. btw thx if whoever replies took the time to read the whole thing. so what should i do?
edit: plus, my computer is runnin mad slow now. some people need lives

A:Google redirect + Security Essentials 2010

Hello and welcome please run these next. If you have Spybot installed temporarily disable it.Next run ATF:Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".Please download ATF Cleaner by Atribune & save it to your desktop.Double-click ATF-Cleaner.exe to run the program.Under Main "Select Files to Delete" choose: Select All.Click the Empty Selected button.If you use Firefox browser click Firefox at the top and choose: Select AllClick the Empty Selected button.
If you would like to keep your saved passwords, please click No at the prompt.If you use Opera browser click Opera at the top and choose: Select AllClick the Empty Selected button.
If you would like to keep your saved passwords, please click No at the prompt.Click Exit on the Main menu to close the program.Next run MBAM (MalwareBytes):Please download Malwarebytes Anti-Malware (v1.45) and save it to your desktop.alternate download link 1alternate download link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make ... Read more

Read other 1 answers
RELEVANCY SCORE 86.4

Hello everyone! its my first time on due to above malware. it has taken my administrator job from me then fired me. i run windows seven professional and am chatting and able to be here is a b/up drive i had installed in tower but was not plugged into the system yet. i basically am mainly concerned with is all the steps involed with and proper procedure of injecting rkill.com into infected drive thru either this one or preferablly a thumbdrive. it is unreal how quick it shuts you out and starts shutting everything down! I never fired this drive before and gave it 7 of the disc. i honestly hate that drive but have alot there of importance. SO QUESTIONS: 1)I'm prestep1 and my rkill.com dwnld keeps gettin axed by my int/sec. (i can handle this np); it should look offensive i would think! correct? 2) i dont want to cross contaminate drives! but would not mind pulling off "clean data" ontothis one. safest? best? 3) anytips and tricks cause im really missing all the fine tuning of settings, links, shortcuts etc. and sorry but this internet explorer still bugs me at version9. 4) i have the spelled out process list and it looks easy enough, someone else suggested reinstalling the os onto infected drive, but the dang computer is doin such weird things, i couldnt tell ya if it worked cause it seemed to stall too long and fear drove me to seal it off inside w/ no power, and extract it when better equiped! ;) any... Read more

A:SECURITY ESSENTIALS 2010 MALWARE HIJACK

In an effort to be more clear, for readers;....... my problem appears as a security program offering to help me remove my "47" infections etc. for a nominal fee of $79.00. Any thing i tried it would stop me and throw up a popup stating what i was tring to do was infected. i went to the security essentials "how to remove " instructions seeing that i didnt see it in ad/ remove programs and never asked for it. of couse they were false and from there i went to system restore whereupon they tell you there arent any restore points to be found. Which is BS because i get one on every windows 7 update etc. so from there i killed power and took steps to research the best course of action. I assume that sticking with this original topic is better than create new because i titled it appropriately. & i am as yet not to the 3 day marker so a response should come to this topic first correct? Anyway in an effort to not let my impatience get the better of me i will wait it out i guess. My only concern is that i will bee leaving for up to a week this weekend and unfortunately will get response then and not be near my desktop to follow instruction and of course goto back of the line when i am again able to attempt this> Any suggestions? Maybe i should pack up this beast ? UNSURE! Thanks again for this site and the work you do!

Read other 1 answers
RELEVANCY SCORE 85.6

First time on this forum, I should have come here for help first. Anyway I downloaded PCTools Spyware Doctor after being infected by this rogue program and it was able to remove all of the files except one, Hijack.possibe.something I forget? I also ran a program called Reg Cure thinking it would help the computer by "cleaning" the register. I think that was a mistake!!!! The computer is now locking up and I'm not sure if it's Internet Security 2010 or Reg Cure program that is causing it. I don't have anything really important on the machine so I thought I would just make a boot disk, reformat the HD and reinstall XP. The problem is I don't have a recovery disk or the XP installation disk, it didn't come with either. I think I was able to recover the Key Code for XP using a program for extracting Keys but don't know for sure if it's accurate. My sister has the exact computer that was bought and worked on by the same tech and the same day so, is there any way I can copy XP or make boot disks and backup disks from her computer and just reenter my Key? I bought a legitimate leagle copy of Window so how do I go about getting my computer back up and running? Where can I get an installation disk for cheap and just reinter my code. What if the code isn't correct? Man! I'm I screwed? Thanks. Any info is much appreciated. Tom

Read other answers
RELEVANCY SCORE 85.6

My moms computer started getting the Security Essentials 2010 alerts. I think I have the Security Essentials 2010 removed (but I'm not positive), but now she is getting Gala redirect on her web searches.
DDS (Ver_10-12-12.02) - NTFSx86
Run by Ann at 8:02:42.15 on Sat 02/26/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_24
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.1400 [GMT -8:00]

AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\PROGRA~1\TEXTBR~1.0\Bin\INSTAN~1.EXE
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\documents and settings\all u... Read more

A:Security Essentials 2010 / Gala redirect search

Solved!

Thank you.

Read other 2 answers
RELEVANCY SCORE 85.6

My NIS 2010 runs out in 15 days, and instead of paying them $60 for another year I'm wondering if it's safe enough to just use MSE and the built in firewall. I never had any complaints with norton, it worked great, never noticed it at all, but I just can't justify spending $60 for something is MSE is at least or even almost as good. I haven't seen many independent tests of MSE, while I know that Norton is one of the best at detection and removal. Opinions?

A:Stupid or Smart - Security Essentials instead of Norton 2010

Originally Posted by kingston73


My NIS 2010 runs out in 15 days, and instead of paying them $60 for another year I'm wondering if it's safe enough to just use MSE and the built in firewall. I never had any complaints with norton, it worked great, never noticed it at all, but I just can't justify spending $60 for something is MSE is at least or even almost as good. I haven't seen many independent tests of MSE, while I know that Norton is one of the best at detection and removal. Opinions?



Kingston

MSE is decent. It takes up a much smaller footprint and uses less resources the norton. PLus its free. I use it but use a software firewall other than the built in one.

Ken

Read other 4 answers
RELEVANCY SCORE 85.6

I had several problems a couple days back and I got rid of several things including netuza32 and Security Essentials 2010, but each time I run an AVG scan and Malwarebytes scan they find new problems. I also quarantined ebicoteziva.dll which I'm unsure about since I get a 'not found' error for it each time I boot. Can anyone please help me with this?

HiJack this log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:14:11 PM, on 2/21/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assis... Read more

A:Virus: netuza32/Security Essentials 2010/ebicoteziva.dll

Read other 13 answers
RELEVANCY SCORE 85.6

Hi all.. My neighbor has asked me for help fixing her computer. She says she was just surfing along the other day when suddenly things started popping up all over the place.The first obvious problem was "Security Essentials 2010" .. so I ran MBAM and while it was scanning Avast stated reporting finding Win32.Qandr [rtk] infections.. so I shutdown avast and restarted the MBAM scan.. it seemed to deal with Security Essentials..I ran Spybot afterwards and it reported Virtumonde.prx, Supsay.Smss32 and Win32.agent.chh ..Having cleaned those, upon bootup I still get a couple flashes of a couple dos boxes popping up on the screen.. In my experience helping family members with their comps, Virtumonde isnt usually taken care of by a simple scan, so could you pelase look these logs over and let me know where to go next? thanks,nopk..------------DDS (Ver_10-03-17.01) - FAT32x86 Run by Windows at 22:17:37.40 on Fri 05/21/2010Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_17Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.959.379 [GMT -7:00]AV: avast! antivirus 4.8.1368 [VPS 100520-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchSVCHOST.EXEC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exe -k netsvcsSVCHOST.EXESVCHOST.EXEC:\Program Files\Alwil So... Read more

A:was Win32.Qandr [rtk] and 'Security Essentials 2010", now Virtumonde.prx

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 18 answers
RELEVANCY SCORE 85.6

I picked up the Security Essentials 2010 bug a week ago. I was able to delete it and reset all the changes it made to my system (wallpaper, task manager, etc.); but since then, Symentec Endpoint Protection has been blocking a lot of Tidserv requests and occasionally I am redirected when using Google. Another problem is that IE will start on its own once or twice a day. I have run MalWareBytes and rKill to no avail. Any help would be appreciated.PS:Windows XP ProfessionalVersion 2002 - Service Pack 3Symantec Endpoint Protection I am able to run DDS, but GMER blue screens and reboots my computer Therefore, I do not have the Ark.txtDDS (Ver_10-03-17.01) - NTFSx86 Run by MMcGregor at 11:38:44.56 on Wed 05/19/2010Internet Explorer: 8.0.6001.18702Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2006.1276 [GMT -5:00]AV: Symantec Endpoint Protection *On-access scanning enabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}FW: Symantec Endpoint Protection *enabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6}============== Running Processes ===============C:\WINDOWS\system32\ibmpmsvc.exeC:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcsC:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exeC:\Program Files\Symantec AntiVirus\Smc.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exesvchost.exeC:\WINDOWS\S... Read more

A:Security Essentials 2010; Tidserv requests; IE redirects

Good evening. Download TDSSKiller.zip from Kaspersky from here and save it to your Desktop - this is important. You will then need to extract the file(s) from the zipped folder.To do this: Right-click on the zipped folder and from the menu that appears, click on Extract All...In the Extraction Wizard window that opens, click on Next> and in the next window that appears, click on Next> again. In the final window, click on Finish Close all open programs as a reboot may be required. Go to Start > Run, copy and paste the following into the text box and hit OK:"%userprofile%\desktop\tdsskiller\TDSSKiller.exe" -l report.txt A Command Window will open and the tool will scan and produce a log called report.txt that can be found in the TDSSKiller folder that you unzipped. If the tool prompts for a reboot, please allow it to do so; if it fails to reboot after prompting, reboot manuallyPlease post the contents of the log, report.txt, in your next reply.

Read other 12 answers
RELEVANCY SCORE 85.6

I picked up the Security Essentials 2010 bug a week ago. I was able to delete it and reset all the changes it made to my system (wallpaper, task manager, etc.); but since then, Symentec Endpoint Protection has been blocking a lot of Tidserv requests and occasionally I am redirected when using Google. Another problem is that IE will start on its own once or twice a day. I have run MalWareBytes and rKill to no avail. Any help would be appreciated.

PS:
Windows XP Professional
Version 2002 - Service Pack 3

Symantec Endpoint Protection

A:Security Essentials 2010; Tidserv requests; IE redirects

Hello and welcome. We need a deeper look. Please go here....Preparation Guide ,do steps 6 - 9.Create a DDS log and post it in the new topic explained in step 9,which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic,thanks.If Gmer won't run,skip it and move on.Let me know if that went well.

Read other 2 answers
RELEVANCY SCORE 84.4

is MSSE a malware protector also or only an Anti-virus?

A:Microsoft Security Essentials

Hello Francis,

It's both wrapped up in one program.

http://www.microsoft.com/security_essentials/

Read other 1 answers
RELEVANCY SCORE 84.4

I have it and is it trustworthy for anti-virus? I just downloaded Comodo firewall.

A:Microsoft Security Essentials

  
Quote: Originally Posted by Hrydopanda


I have it and is it trustworthy for anti-virus? I just downloaded Comodo firewall.


MSE is pretty good. Just remember that no AV can really prevent infections. They are more of a band-aid than anything else. If you surf the Internet with a healthy sense of paranoia you can avoid most problems yourself.

Read other 4 answers
RELEVANCY SCORE 84.4

Hi,

How can I turn off MS Security Essentials firewall out of curiosity if I so choose or the program firewall is permanently installed? Thanks.

A:Microsoft Security Essentials

Microsoft Security Essentials (MSE) does not control Windows Firewall, it is part of the OS.
It will however disable Windows Defender as it is a replacement for Defender.

Windows Firewall - Turn On or Off

Read other 3 answers
RELEVANCY SCORE 84.4

I have just found this article relating valuable information about MSE; installation, features and a review. It should be of interest to all who use MSE and those thinking about switching.
http://www.techradar.com/reviews/pc-...-640587/review

A:Microsoft Security Essentials

Nice article! Thanks for sharing!

Read other 5 answers
RELEVANCY SCORE 84.4

i am trying desperately to remove security essentials. I have tried via add remove programs and it fails saying the feature you are trying to use is on a network resource that is unavailable then gives a path on c.
i have tried ur uninstaller. i have tried the microsoft kb manual uninstall steps. the removal tool no longer exists on microsoft. i have windows 7 pro current on updates with the exception of a mse update that continually tries when i shut down pc
 

Read other answers
RELEVANCY SCORE 84.4

I notice a high lighted line [Computer Status Potentially Unprotected], what does this really mean? is my computer not protected with installed MSE.
MSE is set in real time and runs daily for checking hard drives.

A:Microsoft Security Essentials.

Maybe a screenshot of the problem will help us determine what is wrong

Read other 7 answers
RELEVANCY SCORE 84.4

I cannot update my Microsoft Security Essentials,please help
it shows error code 0x80070426

A:Microsoft Security Essentials

Have you tried disbaling your Firewall or allow connections to the Internet for MSE

You may want to see this article because it has your error code

You may receive an error message during the license installation in Windows Vista when you perform a Windows Anytime Upgrade&#58; &#34;An error occurred during the license installation&#34;

Hope This Helps,
Josh

Read other 4 answers
RELEVANCY SCORE 84.4

Hi all, is anone running the trail version of Microsoft Security Essentials? If so how is it looking and is there a release date yet? Im not sure why MS have only released it to 3 countries. I have read some reiviews with very positve results.http://www.microsoft.com/security_essentials/market.aspx

A:Microsoft Security Essentials

So is no one using this software yet?

Read other 5 answers
RELEVANCY SCORE 84.4

Hello
Does anyone know if Microsoft Security Essentials can be installed in Wimdows 8 as a separate download. I have Win 7, love it and use MSE. I undestand it is not part of Win 8.
Thank you

A:Microsoft Security Essentials

It's my understanding that Windows 8 uses MSE. They just renamed it Windows Defender.

Protect your PC - Microsoft Windows

Read other 9 answers
RELEVANCY SCORE 84.4

Hello All
My MSE is updating permanently is this right? , its been updating for 3 days, even when i shut down and then start up its still updating, is this right? or is there some reason for this?

Thanks
Allan

A:Microsoft Security Essentials

Allen
MSE is updating current defintions. When you first download it may take time, lets say 30 minutes or so to update. After that intitial update it should update once or twice a day. Each update should take about 2 or 3 minutes. Anything that deviates greatly from the parameters that I have set should be investigated.
MSE is working real time to catch virus, but this is more or less silent, I do not even know that it is happening. The only event that may be noticed is an active scan. Check the schedule and make sure that your active scan is set for quick and only about once a week.

Read other 15 answers
RELEVANCY SCORE 84.4

Has anyone any playback on virus protection using Microsoft Security Essentials. I am a Mac user and I am going to buy a laptop with Windows 7. Or should I just go with Norton?
 

A:Microsoft Security Essentials

Read other 11 answers