Over 1 million tech questions and answers.

Antivirus Soft

Q: Antivirus Soft

Trying to follow instructions to remove Antivirus Soft. Have Windows XP and changed to safe mode start-up. However, everytime it tries to restart now, I get a blue screen that says "A problem has been detected and windows has been shut down to prevent damage to your computer. Blah, blah, blah

I don't know what to do, since this blue screen is all I get when I start up now. (Obviously, I'm entering this request for help from a separate computer...)

Read other answers
RELEVANCY SCORE 200
Preferred Solution: Antivirus Soft

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

RELEVANCY SCORE 56

'Antivirus Soft' fake antivirus software loaded itself onto PC. Puts up a green shield with a tick on taskbar, then pops up messages saying PC is infected - opens a webpage with advert to pay for antivirus.
I have tried to get the bug with AVG 9.0 and Malwarebytes but it blocks them and eventually crashes PC.
Dell Dimension 9150, XP Pro, etc..
Thanks for any help you can give,
Derek.
 

A:'Antivirus Soft' fake antivirus software.

Read other 16 answers
RELEVANCY SCORE 54

Earlier today my computer became afflicted with the rogue antivirus "Antivirus Soft." I've encountered viruses like this before, and so I immediately looked for a fix.I first followed this guide: Click HereBy all appearances, after running "rkill" the infection was gone. Strangely enough, rkill didn't seem to finish, it hanged at its initial display, but nevertheless cleared my display of Antivirus Soft. I no longer recieved false virus warnings, and could freely access programs on my computer. It should be noted however that I was not in fact running Safe Mode at that time. Upon rebooting, the infection had returned, and spammed its false messages more frequently. On top of it all, I could no longer run programs like "rkill," nor could I access task manager, either. I then rebooted in safe mode with networking and proceeded to follow the guide linked above closely. After running rkill, it created a notepad log with its results: Nothing. It hadn't found or listed any issues. I then continued with the guide and downloaded, updated, and ran Malware Bytes. The scan returned three infections, which I removed as per the guide. After, I rebooted my computer without safe mode but, lo and behold, Antivirus Soft was still there.I will note that, as of the writing of this post, as well as running the programs listed here: Click Here I have been running in safe mode with networking. If that affects the the results of those programs, then I apologize and will work quickly to run them aga... Read more

A:"Antivirus Soft" Rogue Antivirus

A very strange and hopefully wondering change: I ran Malware Bytes again, and while I'm almost positive that it yielded the exact same results as it had the first time, it appears as though Antivirus Soft is actually gone. I can only imagine the various scans, etc performed through the second guide I linked in my first post had something to do with this, as those were the only differences in this second scan. Here's hoping it is indeed gone! I just wanted to add this to my thread to say it might not be necessary to get help after all. Consider this issue resolved for the time being, though I might be back again in a few days or even hours.

Read other 3 answers
RELEVANCY SCORE 52.4

My computer (Windows XP) was recently infected with antivirus soft. I used malwarebytes anti malware to remove the infection, and also did a full scan with Microsoft Security Essentials, which is what is running on this computer for an anti-virus program. It seemed to okay at first, but now there are popups about surveys and whatnot showing up. Also, Microsoft Security essentials wasn't able to update itself, saying that it couldn't connect to the internet, even though I was connected. Plus, not sure if it is related, but the internet will stop working about every thirty minutes, even though another computer on the same network was still connecting just fine. AND, Google Chrome has not worked since the infection, even after uninstalling and reinstalling it. So anyway, here's the hijackthis log, thank you:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:33:48 PM, on 6/12/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17023)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\eH... Read more

A:antivirus soft, pop ups,etc

Read other 16 answers
RELEVANCY SCORE 52.4

Hi everyone, just today my computer was infected with this Antivirus Soft malware. I tried following the online tutorial, but when I finished and restarted my computer, everything was still there. Anyone know what I can do to get rid of this? The only reason I am online right now is because I got the rkill.com to work eventually. Also I did the MBAM scan and it found to infections, and removed them. here is the log:

Malwarebytes' Anti-Malware 1.43
Database version: 3458
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

2/22/2010 4:31:55 PM
mbam-log-2010-02-22 (16-31-55).txt

Scan type: Full Scan (C:\|)
Objects scanned: 157308
Time elapsed: 57 minute(s), 14 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and ... Read more

A:Antivirus Soft

Hello Christian.. your Malwarebytes neds to be updated and run again. You may need to run RKill again.Rerun MBAM (MalwareBytes) like this:Open MBAM in normal mode and click Update tab, select Check for Updates,when doneclick Scanner tab,select Quick scan and scan (normal mode).After scan click Remove Selected, Post new scan log and Reboot into normal mode.Next run ATF and SAS: If you cannot access Safe Mode,run in normal ,but let me know.Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".From your regular user account..Download Attribune's ATF Cleaner and then SUPERAntiSpyware , Free Home Version. Save both to desktop ..DO NOT run yet.Open SUPER from icon and install and Update itUnder Scanner Options make sure the following are checked (leave all others unchecked):Close browsers before scanning.Scan for tracking cookies.Terminate memory threats before quarantining.Click the "Close" button to leave the control center screen and exit the program. DO NOT run yet.Now reboot into Safe Mode: How to enter safe mode(XP)Using the F8 MethodRestart your computer. When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu. Select the option for Safe Mode using the arr... Read more

Read other 3 answers
RELEVANCY SCORE 52.4

I am not sure where the heck Antivirus soft came from but some how I have it. My firewall has been enabled on my laptop since I got it and never been stopped. I had Avast antivirus on it which I have since removed I now have AVG free addition. I followed the instruction using rkill and malware byte but when I restart it is still on there. I have ran malware byte again but it is not finding it. I don't use IE so luckily I am able get on websites fine using firefox. I have tried running AVG as well to remove it but there is nothing found. Please help me to get rid of this.

Read other answers
RELEVANCY SCORE 52.4

Hello

I have had this on my laptop since last night, unfortunatly I have tried everything and tried so many fixes from google/malaware websites and none of them have worked. I understand this has probably been asked a huge number of times but could someone run a step by step process and help me remove it please.

Thank you

Attached Hijack this log.
 

Read other answers
RELEVANCY SCORE 52.4

Just this morning I got this program Antivirus Soft on my computer. Basically, it keeps spamming me with messages that I have spyware and I need to buy Antivirus Soft to get rid of it. It keeps blocking any antivirus software I try to run or download by saying they have a virus and can't be run. I ran a Google search for the virus and I found this tutorial for removing Antivirus Soft:http://www.bleepingcomputer.com/virus-remo...-antivirus-softUnfortunately, no matter how many times I try or which version I use, Antivirus Soft won't let rkill display anything except rkill. That's when I found these forums. Please help. This thing is driving me nuts. DDS (Ver_09-12-01.01) - NTFSx86 NETWORK Run by Owner at 19:52:19.38 on Sat 02/06/2010Internet Explorer: 8.0.6001.18882 BrowserJavaVersion: 1.6.0_07Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.1.1033.18.3069.1754 [GMT -5:00]SP: Spybot - Search and Destroy *enabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k secsvcsC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\system32\svc... Read more

A:Antivirus Soft

Hi,Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.Please reply to this post so I know you are there.The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.Once I receive a reply then I will return with your first instructions.Thanks

Read other 2 answers
RELEVANCY SCORE 52.4

Hello all, I am a beginner at getting rid of viruses, but I have gotten viruses before like Antivirus Soft and usually rkill and malwarebytes does the trick in normal mode. This time, I followed the guide from bleepingcomputer and started my computer in safe mode with networking. There were two options for my Windows XP and I picked the first one and logged in as the Compaq Administrator. I got into Safe Mode with Networking and started using Mozilla Firefox. The Antivirus Soft was not there on the task bar or anything anymore (only the time shows), and I followed the instructions and used rkill and tried to run Malwarebytes-antimalware, but since I am in safe mode, it will not allow me to run it.

So I try going back into normal mode, but Antivirus Soft is so fast at deleting programs that I have no chance of running rkill. I tried downloading so many rkill files on firefox and opening all at the same time, but Antivirus Soft deletes all at the same time. Since I cannot use rkill, I cannot use Malwarebytes to get rid of it.

Is there a way in Safe Mode to use Malwarebytes or just get rid of all the programs Antivirus Soft is using? I would do it manually, but I don't know where to start in my programs to find the HKEYs and stuff like that. I tried looking through files, but that gave me a headache, I tried searching in safe mode for them, but you have to search for files, not HKEYs....

Help please! This is literally driving me crazy. I spent well over ... Read more

A:Antivirus Soft

Hello please look at our removal guide.'Remove Antivirus Soft (Uninstall Guide)

Read other 6 answers
RELEVANCY SCORE 52.4

Hello, like the site suggested, I did try to get rid of the problem using Malwarebytes with the computer on Safe Mode, but it did not work. Thanks in advanced for those who help me out.Here is my HijackThis Log:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 7:39:51 PM, on 09/02/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: Safe mode with network supportRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\AVG\AVG9\avgchsvx.exeC:\WINDOWS\Explorer.EXEC:\Program Files\internet explorer\iexplore.exeC:\Program Files\internet explorer\iexplore.exeC:\WINDOWS\system32\ctfmon.exeC:\Documents and Settings\Owner\Desktop\HijackThis.exeR3 - URLSearchHook: OurWorld.com Toolbar - {80f6f9bf-9fd1-4f41-9ddf-6dd070f4f62f} - C:\Program Files\OurWorld.com\tbOurW.dllO2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dllO2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO2 - BHO: OurWorld.com Toolbar - {80f6... Read more

A:Antivirus Soft

Hello, NipawinEmo.My name is aommaster and I will be helping you with your log.I apologize for the delay in response we get overwhelmed at times but we are trying our best to keep up.If you have since resolved the original problem you were having, I would appreciate you letting us know. If not please perform the following below so I can have a look at the current condition of your machine.ThanksWe need to run RSITDownload random's system information tool (RSIT) by random/random and save it to your desktop.Double click on RSIT.exe.Click Continue at the disclaimer screen.Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)NEXT:We need to run a GMER scanDownload GMER and save to your desktop. Note that the file will be randomly named to prevent active malware from stopping the download.Close all other open programs as there is a slight chance your computer will crash.Double click the GMER program ******.exe. Your security programs may detect GMER's driver trying to load. Allow it.You may see a warning saying "GMER has detected rootkit activity". If so, select NO.Leaving the settings at default, click Scan.When the scan is complete, click Save and save the log onto your desktop.In your next reply, please include the following:Log.txtinfo.txtgmer.txt

Read other 3 answers
RELEVANCY SCORE 52.4

Mod. note: Topic requested by thcbytes. Do not remove from HJT forum. ~ OBIn system tray have fake red shields that want me to purchase protection which has been identified as antivirus soft.However I cannot connect to the internet to run hjt and other programs.

A:antivirus soft

Here I am. (Thanks ~ OB for the Moderator note)Alright...Here are updated instructions for you to follow.1st let's immunize your flash drive so as to not infect your clean PC.Please download Flash_Disinfector.exe by sUBs and save it to your desktop.Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.The utility may ask you to insert your flash drive and/or other removable drives. Please do so and allow the utility to clean up those drives as well.Hold down the Shift key when inserting the drive until Windows detects it to keep autorun.inf from executing if it is present.Wait until it has finished scanning and then exit the program.Reboot your computer when done.Note: As part of its routine, Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive that was plugged in when you ran it. Do not delete this folder...it will help protect your drives from future infection by keeping the autorun file from being installed on the root drive and running other malicious files.==========Next I need some logs but you infection might not allow my programs to run unless you run this first.........RKill by GrinlerLink #1Link #2Link #3Link #4Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.Download Link #1.Save it to your Desktop.Double cli... Read more

Read other 21 answers
RELEVANCY SCORE 52.4

I have been through the to do list on this site with the malware program (malwarebytes) etc and I still have the same problem. Error messages and sending me to random adult websites and trying to sell me software. I have Hijack this, and icesword on my desktop from the last time I had a problem it this helps any. Please help me.

Thanks
Brian

A:antivirus soft

Hello,Since you are still experiencing issues after going through the removal guide, please follow the instructions in ==>This Guide<==.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<==If you can produce at least some of the logs, then please create the new topic. If you cannot produce any of the logs, then post back here and we will provide you with further instructions.Orange Blossom

Read other 3 answers
RELEVANCY SCORE 52.4

Hi guysI followed the instructions at http://www.bleepingcomputer.com/virus-remo...-antivirus-2009 to remove this annoying spam, without luck. I am now on to second stage where I have saved the dds and gmer files. I am uploading the files here. Please please help.Edit: Moved topic from Vista to the more appropriate forum. ~ Animal

A:Antivirus soft

Hi,I see you already have Malwarebytes installed.However, since this variant blocks the main mbam.exe file (telling it is infected); so please follow the instructions from this thread.Then post the log from Malwarebytes in your next reply.

Read other 2 answers
RELEVANCY SCORE 52.4

Split from here: http://www.bleepingcomputer.com/forums/t/293123/thank-goodness-for-this-site-have-a-question-reantivirus-soft/ ~ OBDoes this help?Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:36:18 PM, on 2/3/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16981)Boot mode: NormalRunning processes:C:\WINNT\System32\smss.exeC:\WINNT\system32\winlogon.exeC:\WINNT\system32\services.exeC:\WINNT\system32\lsass.exeC:\WINNT\system32\svchost.exeC:\WINNT\System32\svchost.exeC:\WINNT\System32\brsvc01a.exeC:\WINNT\System32\brss01a.exeC:\WINNT\system32\spoolsv.exeC:\WINNT\system32\SK9910DM.EXEC:\WINNT\system32\CTHELPER.EXEC:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exeC:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exeC:\Program Files\Ahead\ODD Toolkit\DVDTray.exeC:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exeC:\Program Files\QuickTime\QTTask.exeC:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\McAfee.com\Agent\mcagent.exeC:\Program Files\Messenger\msmsgs.exeC:\WINNT\system32\ctfmon.exeC:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeH:\SUPERANTISPYWARE.EXEE:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program ... Read more

A:AntiVirus Soft

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below I will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions... Read more

Read other 2 answers
RELEVANCY SCORE 52.4

I am trying to get rid of the Antivirus Soft virus and am having difficulties. I was able to run Hijack this and it gave me the below log. Any help interpreting what I need to remove/fix or any other general advice on addressing would be very much appreciated Thanks!Logfile of Trend Micro HijackThis v2.0.3 (BETA)Scan saved at 8:44:05 AM, on 6/6/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: Safe mode with network supportRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Lavasoft\Ad-Aware\AAWService.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\NOTEPAD.EXEC:\Program Files\Lavasoft\Ad-Aware\AAWTray.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Spyware Doctor\pctsGui.exeC:\Program Files\Spyware Doctor\pctsTray.exeC:\Program Files\TrendMicro\HiJackThis\HiJackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software... Read more

A:ANTIVIRUS SOFT - HELP!

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 6 answers
RELEVANCY SCORE 52.4

ive already tried the http://www.bleepingcomputer.com/virus-remo...-antivirus-soft guide twice to make sure there were no problems. the first try malwarebytes detected trojans and such which were then quarentined and deleted. i restarted my cpu and noticed antivirus soft was still running so i repeated the steps but this time malwarebytes did not detect anything at all so im just kind of in need for some help. i followed the guide steps 6-9 as boopme had instructed except gmer wont unlock the checks for me so i skipped step 8. also i cant upload the attach.txt cause i dont have an upload/browse button :/ so should i just copypaste it to my next post? or edit this one to add itDDS (Ver_10-03-17.01) - NTFSX64 Run by Alan Tran at 17:27:51.08 on Thu 03/18/2010Internet Explorer: 7.0.6001.18000Microsoft? Windows Vista? Home Premium 6.0.6001.1.1252.1.1033.18.8156.5903 [GMT -5:00]SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Program Files (x86)\AVG\AVG9\avgchsva.exeC:\Program Files (x86)\AVG\AVG9\avgrsa.exeC:\Program Files (x86)\AVG\AVG9\avgcsrva.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Win... Read more

A:Antivirus soft

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen. Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you let... Read more

Read other 25 answers
RELEVANCY SCORE 52.4

I got the Antivirus Soft while browsing on my laptop. I tried DL'ing Malwarebyte's Anti-Malware but the virus blocked it from starting up, as it did with the other antivirus programs on my PC. I also couldn't start my laptop in safe mode using the F8 method. Fortunately, I have a desktop which I'm on right now. What are the proper files I'd need to download to transfer to my laptop and how would I go about doing it? Thank you.

A:Antivirus Soft

Hello! My name is Sam and I will be helping you. In order to see what's going on with your computer I'll ask for you to post various logs from the tools that we will use to resolve your issue. Please also share with me any information about how your computer is reacting and behaving each step of the way as we work through this process.Please download ComboFix from one of these locations:Link 1Link 2Link 3Important!You should NOT use Combofix unless you have been instructed to do so by a Malware Removal Expert. It is intended by its creator to be used under the guidance and supervision of an Malware Removal Expert, not for private use.Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again. Make sure that you save ComboFix.exe to your DesktopDisable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our toolsDouble click on ComboFix.exe & follow the prompts.As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malwa... Read more

Read other 15 answers
RELEVANCY SCORE 52.4

Greetings:

Please help out a newbie!

My desktop is infected with Antivirus Soft. I followed the directions found here to remove the program, but it does not work. rkill does not show a virus, and Malwarebytes indicates that it finds no virus, as well.

Can anyone help?

Thank you!

A:Antivirus Soft

Please provide a detailed description of your problem, detailed word-for-word error messages that you are receiving, screenshots of strange behaviour, and your operating system.When you say " I followed the directions found here to remove the program, but it does not work", are these the instructions you followed:http://www.bleepingcomputer.com/virus-remo...-antivirus-soft

Read other 1 answers
RELEVANCY SCORE 52.4

I keep getting these pop-ups saying windows security alert saying my computers infected. i have been reading fourms on how to fix this but they all give me a program to download and i can run anything. Cant deleted programs cant run files. Hoping someone had another way to get this off my comp.Edit: Moved topic from XP to the more appropriate forum. ~ Animal

Read other answers
RELEVANCY SCORE 52.4

Today when I turned my computer on I find that Antivirus soft was on my computer. So I followed your guide in removing it. Whatever malware bytes found I removed. But my internet is still not working. I have to go to tools>internet options>connections>lan settings and then I have to untick the use a proxy server to make the internet work just like how you guys say to remove the antivirus soft. So I am guessing that it is still on my computer but when I run the scan again it does not pick up anything. I even ran AVG and it did not pick up anything. What do i do because I do not want to keep going into settings and untick use a proxy.Here is my Hijack LogLogfile of Trend Micro HijackThis v2.0.2Scan saved at 3:37:17 PM, on 4/27/2010Platform: Unknown Windows (WinNT 6.01.3504)MSIE: Internet Explorer v8.00 (8.00.7600.16385)Boot mode: NormalRunning processes:C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeC:\Program Files (x86)\DNA\btdna.exeC:\Users\Suleman\AppData\Roaming\Dropbox\bin\Dropbox.exeC:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exeC:\Program Files (x86)\Panasonic\Device Monitor\DMWakeup.exeC:\Program Files (x86)\Panasonic\MFStation\PCMFSMLM.exeC:\Program Files (x86)\Panasonic\MFStation\PCCMFSDM.exeC:\Program Files\Sony\VAIO Wireless Wizard\Auto... Read more

A:Antivirus soft?

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 2 answers
RELEVANCY SCORE 52.4

Hi allIt seems as though my computer has been infected with Antivirus soft. I have tried the first suggestion detailed in the antivirus soft removing tutorial with no luck. It has actually gotten worse. Now my computer is randomly pulling up IE windows to viagra.com, adult.com, and porno.com . The DDS.txt is as follows:DDS (Ver_09-12-01.01) - NTFSx86 NETWORK Run by TETRA at 13:50:32.51 on Tue 02/23/2010Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_17Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1015.624 [GMT -6:00]AV: Symantec AntiVirus Corporate Edition *On-access scanning disabled* (Outdated) {FB06448E-52B8-493A-90F3-E43226D3305C}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\system32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Mozilla Firefox\firefox.exeC:\Documents and Settings\TETRA\My Documents\Downloads\dds.scr============== Pseudo HJT Report ===============uSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr10/*http://www.yahoo.comuSearch Bar = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.htmluSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7uStart Page = hxxp://www.yahoo.com/mDefault_Page_URL = hxxp://www.yahoo.com/mDefault_Search_URL = hxxp://us.rd.yahoo.... Read more

A:Antivirus Soft

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 14 answers
RELEVANCY SCORE 52.4

So, today somehow I contracted this malware/spyware whatever it is called AntiVirus soft. I did a quick Google search and found:http://www.bleepingcomputer.com/virus-remo...-antivirus-soft - this guide from here which looked very promising but sadly I'm having trouble with parts of the instructions and was hoping someone could offer some help. First, when I put windows on Safe Mode with Networking, it will not allow me to connect to the internet no matter what so I ended up going back on normal and downloaded the rkill on normal instead. As for the malware program it offers to combat the virus, I already had it previously installed so that was no problem.The problem is rkill doesn't seem to do anything when I went back to safe mode to run it. Then I ran the anti malware program and it doesn't find anything infected at all and shows me a notepad log instead of the list the guide shows it should show me. So I went back to normal mode yet again and ran rkill though it didn't do anything but display a black box and then it disappeared. So I ran the Malwarebytes program again and it still doesn't find anything infected though I still received a message at the bottom of the screen from AntiVirus Soft which is the virus.So far, I haven't seen any more pop ups, and thankfully I haven't seen any more porno pop ups either but I'm not sure if this virus is gone. Is there a way I can check to see if it's truly gone? I mean even when I was sure it w... Read more

A:Antivirus Soft help

Hello Rejected,welcome. I assuming you run XP here. Show hidden files and then update and rescan with MBAM.Close all programs so that you are at your desktop. Double-click on the My Computer icon. Select the Tools menu and click Folder Options. After the new window appears select the View tab. Put a checkmark in the checkbox labeled Display the contents of system folders. Under the Hidden files and folders section select the radio button labeled Show hidden files and folders. Remove the checkmark from the checkbox labeled Hide file extensions for known file types. Remove the checkmark from the checkbox labeled Hide protected operating system files. Press the Apply button and then the OK button and shutdown My Computer. Now your computer is configured to show all hidden files. Next run ATF and SAS: If you cannot access Safe Mode,run in normal ,but let me know.Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".From your regular user account..Download Attribune's ATF Cleaner and then SUPERAntiSpyware , Free Home Version. Save both to desktop ..DO NOT run yet.Open SUPER from icon and install and Update itUnder Scanner Options make sure the following are checked (leave all others unchecked):Close browsers before scanning.Scan for tracking cookies.Terminate memory threats before quarantining.Click the "Close" button to leave the control center screen and exit the program. DO ... Read more

Read other 5 answers
RELEVANCY SCORE 52.4

Hello-
This morning I ran into AntiVirus Soft on my computer....as I've read and encountered it has taken over my computer. I have tried using the instructions I found on BC but its not taking the virus off my computer.

Can someone help assist me in getting this dreaded thing off my computer? Should I back up my files on my computer?

Thanks in advance for assistance.

A:Antivirus Soft

You will need to Download and Run DDS which will create a Pseudo HJT Report as part of its log..If for some reason you cannot perform a step, move on to the next.Please follow this guide. It will answer your questions.. Preparation Guide For Use Before Using Hijackthis. Then go here HijackThis Logs and Virus/Trojan/Spyware/Malware Removal ,click New Topic,give it a relevant Title and post that complete log.Let me know if it went OK.

Read other 3 answers
RELEVANCY SCORE 52.4

I followed the directions on http://www.bleepingcomputer.com/virus-remo...-antivirus-soft and it did not work.Ran dds.scr and attached those files.Tried gmer.exe and it keeps crashing.Please HELP!Thanks in advance.

A:Got Antivirus-Soft

System fixed, you may remove this request.

Read other 1 answers
RELEVANCY SCORE 52.4

Somehow Antivirus Soft got on my computer.. i ran my computer in safe mode and followed step by step instructions i found on the internet. This didn't cure my problem. I ran Spybot Search & Destroy and this didn't help either. I can't get on the internet unless i'm in safe mode because internet explorer keeps saying it is not connected. but i know it is working because it works in safe mode.

virus keeps bringing me to sites like viagra.com & adult.com

i also ge this message:
"Application cannot be executed. The file wuauclt.exe is infected. Do you want to activate your antivirus software now?"

i click no because i know its fake.

i have windows xp professional
 

Read other answers
RELEVANCY SCORE 52.4

Hi,My computer hasbeen infected by the Antivirus Soft - I attempted to reboot it so I could bring up task manager and hopefully shut the "virus" off, so I could run Malwarebites, but the computer will now not reboot. I have tried booting to Safemode, Safe Mode with networking, normal mode and even with a boot cd...none of them work. With safe mode it generally just ends up rebooting itself, with normal and the boot disk it usually gives the "blue screen", sometimes with an UNMOUNTABLE_BOOT_VOLUME error, or sometimes just reboots again. Any ideas on what I could do? Might this thing have messed up my HD - is there a way to tell? THe computer was running Windows XP.

A:Antivirus Soft

Hi, MGBCIL Lets give this a try. You will need a flash drive to move information from the sick computer to a working computer. It is the only way we can see the progress of our actions. Save these instructions in your flash drive as a text file (use notepad) so you can have access to these while in an external environment (PE).Here is what you need to do.Two programs to downloadFirst Download ISOBurner. Click Here for ISOBurner Instructions. Install the program, and follow the next set of steps. SecondDownload OTLPE.iso and burn to a CD using ISO Burner. NOTE: This file is 276.7MB in size so it may take some time to download.When downloaded double click and this will then open ISOBurner to burn the file to CDBoot the Non working computer using the boot CD you just created.In order to do so, the computer must be set to boot from the CD firstNote : For information click hereYour system should now display a REATOGO-X-PE desktop.Double-click on the OTLPE icon.When asked "Do you wish to load the remote registry", select YesWhen asked "Do you wish to load remote user profile(s) for scanning", select YesEnsure the box "Automatically Load All Remaining Users" is checked and press OKOTL should now start. Change the following settingsChange Drivers to AllChange Standart Registry to AllUnder the Custom Scan box paste this in/md5starteventlog.dllscecli.dllnetlogon.dllcngaudit.dllsceclt.dllntelogon.dlllogevent.dlliaStor.sysnvstor.sysatapi.sysIdeChnDr.sysv... Read more

Read other 2 answers
RELEVANCY SCORE 52.4

My Dell became infected with this malware about three days ago. Ran Malwarebyte's and it removed a couple infected files and registry keys. Unfortunately, I'm not able to access the Internet with IE or Chrome because one of the things this does is to remove access to "Internet Options" after changing the proxy server settings. Also, my computer is extremely slow when loading up...PLEASE HELP ME CLEAN UP THIS MESS!

A:Antivirus Soft

Hello,I am moving this from Vista to the Am I Infected forum.Hello and welcome... You need to do all the steps as some pertain to your issue..Please follow our Removal Guide here Remove Antispyware Soft (Uninstall Guide) You will move to the Automated Removal InstructionsAfter you completed that, post your scan log here,let me know how things are.The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

Read other 1 answers
RELEVANCY SCORE 52.4

I have a desktop that is infected with Antivirus soft and is wanting me to purchase it...I can not do anything on this computer, not even take it to safe mode. I have a blank flash drive and blank cd...Please advise.

A:Antivirus Soft

Please download OTLPE (filesize 120,9 MB)When downloaded double click on OTLPENet.exe and make sure there is a blank CD in your CD drive. This will automatically create a bootable CD.Reboot your system using the boot CD you just created.Note : If you do not know how to set your computer to boot from CD follow the steps hereYour system should now display a REATOGO-X-PE desktop.Depending on your type of internet connection, you should be able to get online as well so you can access this topic more easily.Double-click on the OTLPE icon.Ensure the box "Automatically Load All Remaining Users" is checked and press OKOTL should now start.Press Run Scan to start the scan.When finished, the file will be saved in drive C:\OTL.txtCopy this file to your USB drive if you do not have internet connection on this systemPlease post the contents of the OTL.txt file in your reply.

Read other 3 answers
RELEVANCY SCORE 52.4

I did everything from running in safe mode to the RKill File and then dnloading the malware bytes program to delete this fake antivirus. I scanned and it found 44 infections. I removed them and then deleted them and i thought all was good and i loaded hubby's pc back up in regular mode and it still popped up. Not sure what else i can do now. I followed the tutorial.

I am getting frustrated. This is his first virus ever on there in the 5 years we've had his PC.

A:Antivirus Soft

Hi and welcome.I think you gave us way to little information. Please follow this: http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/ and then post your logs here: http://www.bleepingcomputer.com/forums/f/22/virus-trojan-spyware-and-malware-removal-logs//Barilla

Read other 1 answers
RELEVANCY SCORE 52.4

Earlier today i was just reading some manga from a very well known site for manga and i have never gotten anything malicious from there at all until today. ive already tried the http://www.bleepingcomputer.com/virus-remo...-antivirus-soft guide twice to make sure there were no problems. the first try malwarebytes detected trojans and such which were then quarentined and deleted. i restarted my cpu and noticed antivirus soft was still running so i repeated the steps but this time malwarebytes did not detect anything at all so im just kind of in need for some help.

A:antivirus soft

Hello and welcome. We need a deeper look,please go here....Preparation Guide ,do steps 6 - 9.Create a DDS log and post it in the new topic from step 9.If Gmer won't run,skip it and move on.Let me know if that went well.

Read other 3 answers
RELEVANCY SCORE 52.4

Hello

I've just recently gotten this antivirus soft virus on my desktop.

It's running windows XP, and Firefox 3 is my browser.

now I was trying to follow this guide at bleepingcomputers.com
http://www.bleepingcomputer.com/tutorials/tutorial61.html#winxo

Now one of the first steps on the guide is to start windows in safe mode with networking. I can't seem to do this. It will start in safe mode but whenever I try to start in safe mode with networking, windows keeps telling me to activate my copy of windows.

Now I don't know what the issue with it is as I cannot do anything in normal windows to check it. ANY program I try to run in windows normally just gets shutdown by antivirus soft.

Any Ideas on how to either get me into safe mode with networking or get rid of antivirus soft without having to go through safe mode with networking?

Read other answers
RELEVANCY SCORE 52.4

Hi All,

I have downloaded Rkil and Malwarebytes, both seemed to run OK. Malwarebytes reported 7 infections and I removed them. I then checked the Registry and deleted files that Bleepingcomputer recommended.
However, I still get infected! I have to run Rkill and Malwarebytes every morning.
I am using XP pro (SP3) and only visit AOL and my online banking sites.
Thanks for any help...

A:Antivirus Soft

Can anyone help? I've run Rkill; MalwareBytes; ATF-Cleaner and Superantispyware. All programs report trojans, infected KEY entries and infected files. I can remove them succesfully. However, after a few logins to my AOL account using IE I get the antivirus Soft malware back. Is there a problem with my IE browser?

Read other 2 answers
RELEVANCY SCORE 52.4

Hello,

Last week, Wednesday night I believe, my husband clicked on a pdf file on the internet and a window popped up trying to get us to purchase something called Antivirus Soft. Right after the window showed up we weren't able to get internet access or open anything on the computer, files, virus software, task manager, etc. Anything we tried to open would say that it was infected. We finally restarted the computer in Safe Mode with Networking and was able to get internet access and downloaded MalwareBytes and it said that it removed several things. We ran it several times since and it still has things showing up. The Antivirus Soft window isn't showing up anymore but if we are on the internet it seems to redirect us to random websites no matter what site we are on and some kind of internet script error box pops up asking if we want to continue running scripts.

I am attaching the logs that I read about when I registered, I hope I ran these correctly. I don't have access to a Windows Install disc or Boot CD. Any help would be greatly appreciated!

Thanks so much!




DDS (Ver_10-03-17.01) - NTFSx86
Run by HP_Administrator at 10:04:51.96 on Mon 06/07/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.958.490 [GMT -5:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k... Read more

A:Antivirus Soft

Hi,

Please do the following;


Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:


Click on Yes, to continue scanning for malware.
When finished, it ... Read more

Read other 12 answers
RELEVANCY SCORE 52.4

Hey everybody,This is my first post here (too bad it isn't for a good reason) and I am stuck with dealing with this program. I came home last night to find my computer infected with Antivirus Soft... as it turns out my lovely wife decided to use my laptop to play around on facebook and yippie, here I am.I have read up on some forums on how to remove this but I am having a little bit of trouble. I have downloaded HJT and mbam and I have ran a scan with HJT. The information that I have says that the lines in HJT should always start with 04 and have sysguard.exe at the end of the line. The problem is that I have NO sysguard.exe on any of my lines so I am now at a loss as to where I should go from here.Here is a copy of the log:Logfile of Trend Micro HijackThis v2.0.4Scan saved at 10:59:23 PM, on 5/31/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: Safe mode with network supportRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\Explorer.EXEC:\Documents and Settings\Tony\Desktop\iexplore.exe.exeC:\Program Files\Internet Explorer\IEXPLORE.EXEC:\Program Files\Internet Explor... Read more

A:Need Help W/Antivirus Soft

Nevermind... found the removal steps in another form.

Read other 2 answers
RELEVANCY SCORE 52.4

My daughter called the other evening, "Daddy, I need help, I have something called Antivirus Soft on my computer and I don't know what to do about it".

I did a Google search and came across the following link
http://www.bleepingcomputer.com/virus-removal/remove-antivirus-softClick to expand...

I walked her through all 21 steps of the uninstall guide given there-- including the download of the latest version of Malwarebytes Antimalware & downloaded the recommended "rkill.com Download Link"

The first time through she received notification of a 732 error with Malwarebytes Antimalware- while trying to update it, so we went on the Malwarebytes Antimalware forum and followed their recommendations for settings in IE8-- then it updated with no problems.

Ran the scan and found a few problems but Malwarebytes Antimalware was able to delete them (or so it said). Also, I did tell her to check each reported reference to make sure it was not in the "RESTORE" folder- as I know many infections like to hide there and re-attack once rebooted.

I then had her update and run SuperAntiSpyware free edition-- found only a few tracking cookies--- deleted them and it was late so she shut down the computer (plus some cookies needed re-boot anyway).

Next day I suggested she manually update AVG (her antivirus) and manually run a scan, as well as repeat the Malwarebytes Antimalware & SuperAntiVirus free--- and was told that the later two found the same in... Read more

Read other answers
RELEVANCY SCORE 52.4

Hi, I just discovered "antivirus soft" a few hours ago and within seconds it wreaked havoc on my computer. I have been following removal guides but keep hitting dead ends. I am currently running in safe mode. I cannot install a few of the programs needed in the guides, always errors or administration policies lock me out. I also have no bottom taskbar on my desktop, so no start menu, time etc.. also I can copy/paste in notepad etc.. but not in my browser. Its a mess.

If someone could help me out I Would GREATLY appreciate it. I really need my computer for school. Thank you.

Windows XP Pro
SP2

A:Antivirus Soft

Hi,

Try the following:

If you have an active internet connection, copy/paste the links below into your browser, don't click them or the rogue might redirect. If you don't have an active internet connection, download the tools from another machine, and transfer them to the affected machine via USB flash drive.


Please download and run the following tool to help allow other programs to run. (courtesy of BleepingComputer.com)
There are 4 different versions. If one of them won't run then download and try to run the other one.
Vista and Win7 users need to right click and choose Run as Admin
You only need to get one of them to run, not all of them.


http://download.bleepingcomputer.com/grinler/rkill.exe
http://download.bleepingcomputer.com/grinler/rkill.com
http://download.bleepingcomputer.com/grinler/rkill.scr
http://download.bleepingcomputer.com/grinler/rkill.pif


Note:

You will likely see a message from this rogue telling you the file is infected. Ignore the message. Leave the message OPEN, do not close the message. Run rkill repeatedly until it's able to do it's job. This may take a few tries. You'll be able to tell rkill has done it's job when your desktop (explorer.exe) cycles off and then on again.

At this point, you should now be able to run analysis tools.

Once the tool has run, do NOT reboot the machine, and then try to run DDS and GMER.

If for some reason the machine reboots, repeat the process. Again, try not to restart the machine. ... Read more

Read other 2 answers
RELEVANCY SCORE 52.4

i had antivirus soft on my desk top running XP after removal the PC will freeze up and go to blue screen IRQL_NOT_LESS_OR_EQUAL randomly or when ever i try to run maleware bytes

help please

A:antivirus soft

Hello and welcome.We need a deeper look,please go here....Preparation Guide ,do steps 6 - 9.Create a DDS log and post it in the new topic from step 9.If Gmer won't run,skip it and move on.Let me know if that went well.

Read other 1 answers
RELEVANCY SCORE 52.4

Hi am new here and very computer illiterate so bear with me the other day my pc got antivirus soft, i manged to get the pc on in safe mode did a virus scan and then did system restore , the pc had no signs of antivirus soft and was working normally. however since then i have been redirected from google serval times to other search engines so am wondering if this if still the same virus? if it is how do i get rid of it? Like i said am new here so ill post that dds report and hope it shows up



DS (Ver_10-03-17.01) - NTFSx86
Run by JMN at 13:00:37.64 on Fri 05/14/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.311 [GMT 1:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {11638345-E4FC-4BEE-BB73-EC754659C5F6}
FW: Avira FireWall *enabled* {11638345-E4FC-4BEE-BB73-EC754659C5F6}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
svchost.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common... Read more

A:antivirus soft help

Hello and welcome to TSF.

You appear to have two antivirus applications installed, i.e. AVG and Avira. While this may seem like greater protection, it can actually cause problems including slowdowns, system hangs and even crashes. Choose one to keep and uninstall the other.

Any antivirus program must be removed via add/remove program.
For any program that doesn't have an add/remove entry, you will have to do this:
re-install the program -> reboot -> uninstall

As stated in our pre-posting sticky...

Quote:




3. Uninstall the following via Add or Remove Programs in Control Panel:
" If you have more than one antivirus software installed, leave only ONE and uninstall the others.
" p2p programs like uTorrent, Bittorrent, LimeWire, Morpheus, etc., as they are a major conduit for malware and a likely source of your current issues. See this link




============================

After you've uninstalled one of the antivirus applications, run DDS again:
When done, DDS will open two (2) logs: DDS.txt
Attach.txt

Save both reports to your desktop.

============================

Download GMER Rootkit Scanner from here to your desktop. It will be a randomly named executable.Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.
Double click the e... Read more

Read other 2 answers
RELEVANCY SCORE 52.4

I got the virus on my toshiba laptop and tried the msconfig thing and unchecked the only thing I saw with an unknown address. Nothing ended in the dssd or whatever it was supposed to have. I also unckecked the lan setting and I still cant get online. Can anyone help? Im not too computer savy to say the least.

A:CANNOT get rid of this antivirus soft

Hello,Please recheck that item in MsConfig. Unchecking it doesn't remove it and it hides it from scanners.There is a removal guide for this rogue here: http://www.bleepingcomputer.com/virus-remo...-antivirus-softIf you have already followed that guide or if you still experience problems after following the guide, then please follow the instructions in ==>This Guide<== starting at step 6.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues and what you have done to try to resolve them..If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.Orange Blossom

Read other 1 answers
RELEVANCY SCORE 52.4

I must have been half asleep to fall for such a scam, but I did... when my computer seemed to be under control of a virus attack, and I could find no way out, except to purchase the software, which I did . Once able to get on the internet and research the product, I realized I had been scammed, and just paid $69.95 for a VIRUS!! Now I need simple (I'm hoping) instructions on how to remove this beast from my computer and a suggestion on a REAL Antivirus Protection that would have caught this before I fell into their trap. Please advise. Thanks dearly, Melanie

A:Antivirus Soft

Welcome to BCSee if these directions will help youhttp://www.bleepingcomputer.com/virus-remo...-antivirus-soft

Read other 1 answers
RELEVANCY SCORE 52.4

Hey, posting for a friend here

he has antivirus soft, and i pointed him towards the removal guide. He installed rootkill, but gets this error when tryint to start it

"windows can not open this file: file: pev.rkexe to open this file, Windows needs to know what program you want to use to open it. windows can go online to look it up automatically, or you can manually select form a list of programs that are intalled on your computer"

he has tried the mirrors and all gave him this error. Any help?

A:Antivirus soft

Hello if this is XP....Go here to Doug KNox's Windows? XP File Association FixesRun 9th down on left... EXE File Association Fix ... the EXE not EML one.Post back the RKill and Malwarebytes logs after then scan and an update on how it's running.

Read other 1 answers
RELEVANCY SCORE 52.4

I am having an issue with my laptop. I am using my desktop to access this forum. I've heard this is the place to go for help. I am getting almost constant Antivirus Soft pop ups on my laptop. It is also blocking access to the web, and my Norton doesnt seem to be able to stop it.

Can anyone help me clean my computer?

Thanks in advance, Weston

A:Antivirus soft

Have you seen BC Removal Guide, Antivirus Soft?I will move your post to a more appropriate forum.Louis

Read other 22 answers
RELEVANCY SCORE 52

I'm new, but since I am not careful, I probably will be back from time to time.

Here are three issues for those who have the time and inclination to take pity.

1) I have Antivirus Soft. My Superantispyware.com stuff finds it, but can't seem to remove it. So, i have printed your guide. Question: Once I am in safe networking mode, when I click on the Tools- Internet Options- Connections- LAN Settings Proxy box to remove the check as directed, I lose my internet connection totally. Does that sound right? (I have a wireless router that plugs in like a flashdrive. It shows no lights at all). Can I work around that problem to remove this thing?

2) Is the removal something that I (a mere but slightly intuitive novice) can remove without making things worse?

3) Finally, when I click on Tools and get the Internet options box, that box is so large and fills up the screen that I can't access the OK button which is at the bottom. I can reduce the font on the screen, but not on the drop menu to make it smaller. Can't figure out how to reduce it so I can click on okay.

Thanks very much for all you all do.

P.S. Feel free to put this somewhere appropriate.

A:Antivirus Soft Removal Qs

So here is an update on my post (above) from Mitchellfan.

1) installed malwarebytes antimalware. entered into safeboot w/networking, etc. I had to load it onto flash drive b/c i couldn't get the internet once i unclicked the proxy thing. Not sure if this mattered but maybe it is a problem. I ran a full scan and came up with lots of items that were removed (Vundo stuff mostly, but no Antivirus soft), but still have the antivirus soft. in fact, it seems worse.

i ran it again by clicking on the shortcuts I had placed on the computer, and it showed zero infections. obviously not true b/c i am having lots of virus problems.

i saw elsewhere i could try system restore, but now that is apparently infected and won't open, even in safe boot. (Says it is temporarily unavailable or some such thing).

i really hate to pay for someone to fix this for me.

1. did it matter that I can't get the internet after I safeboot?
2. does it matter that i get the internet through a wireless router that plugs in like a flash drive?
3. should i move this PC upstairs where it is hardwired?
4. should i try this again? should i uninstall what I've done? what should I do?
5. should I buy a new PC?
6. will the Orioles win again?

I appreciate any help.

Read other 4 answers
RELEVANCY SCORE 52

Hey all! It's been a while since I've had to come here, but just today, my computer appears to have been infected with another virus.

The scan "Antivirus Soft" continues to pop up on my computer, and it's not letting me do anything whatsoever. I'm currently typing this in Safe Mode on my computer, and it's hard to do much of anything.

I just scanned my computer using HJT, the log follows.

HJT Log-

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:05:11 PM, on 2/6/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18372)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,She... Read more

A:Antivirus Soft is attacking!

Hey again!
I bought a program while waiting to see if it maybe could help- Spyware Doctor. While it did get rid of quite a few things, my computer still has the fake pop-ups from this virus. I still need some help to get rid of it..since It's really effecting what I can do. I can't even use my regular settings, and I'm still in safe mode. It would appear that Malwarebytes didn't find anything whatsoever, but I'm very aware that there's a virus on my computer.

Here's a updated log for HijackThis, along with a Malwarebytes log-

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:43:29 PM, on 2/9/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18372)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Ex... Read more

Read other 2 answers
RELEVANCY SCORE 52

Hi,I got the Antivirus Soft bug in my computer and have followed the directions from: http://www.bleepingcomputer.com/virus-remo...-antivirus-soft, but it still lingers in the computer. What do I do?? I am running Windows Vista on a Dell Inspiron 1525.

Read other answers
RELEVANCY SCORE 52

Hi! So, I started my computer (Windows XP) and soon after that warnings and windows popped, showing antivirus (called Antivirus Soft) scans and infection notices. Almost no program would run, but internet was still ok. I found your tutorial (http://www.bleepingcomputer.com/virus-removal/remove-antivirus-soft) through google and followed all the steps, but after the reboot everything started all over again, it's still infected. As I didn't follow the Preparation Guide before following the tutorial, I was oriented to follow it and then post here again. (Here's the link to my original post: http://www.bleepingcomputer.com/forums/ind...;#entry1658757).I was able to generate the DDS.txt log (posted below). Attach.txt and Ark.txt are attached to this post also. The only thing that may have gone wrong following the Preparation Guide was disabling CD Emulation. The disabling program didn't ask me to reboot the computer as it was supposed to. So I didn't reboot and continued following the guide steps. Everything else worked.If there's any other information you need to help me, just ask. I'll be conected during the weekend. Thanks in advance,Mariana-------------------------------------------------------------------------DDS (Ver_09-12-01.01) - NTFSx86 NETWORK Run by Usuario at 15:22:15,37 on sex 05/03/2010Internet Explorer: 6.0.2900.2180Microsoft Windows XP Professional 5.1.2600.2.1252.55.1046.18.447.222 [GMT -3:00]AV: AVG Anti-Virus Free *On-access scanning enabled* (Outdated) {17D... Read more

A:Antivirus Soft infection

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 20 answers