Over 1 million tech questions and answers.

Antispyware Soft

Q: Antispyware Soft

My grand daughter has the Antispyware Soft/Security warnings on her Windows Vista system. Pop-ups declare various files are infected. IE loads with various porn sites or Viagra sites. Windows Security Center screen pops up.On another computer, I downloaded defogger.exe, dds.scr, rkill.com and gmer.zip to a flash drive. Then I copied these files to the desktop of the infected vista computer. When I try running I obtain pop-ups saying ?defogger.exe is infected? and ?dds.scr is infected? and the programs do not run.

RELEVANCY SCORE 200
Preferred Solution: Antispyware Soft

I recommend downloading and running DAP. It can help sort out any driver and firmware related issues on your system

It's worked out well for many of us in the past.

You can download it direct from this link http://downloaddap.org. (This link will open the download page of DAP so you can save a copy to your computer.)

A: Antispyware Soft

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HEREPlease download GMER from one of the following locations and save it to your desktop:Main MirrorThis version will download a randomly named file (Recommended)Zipped MirrorThis version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.Disconnect from the Internet and close all running programs.Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.Now click the Scan button. If you see a rootkit warning window, click OK.When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.Click the Copy button and paste the results into your next reply.Exit GMER and re-enable all active protection when done.-- If you encounter any problems, try running GMER in Safe Mode.

Read other 2 answers
RELEVANCY SCORE 61.6

Hello...again.

My computer was recently infected with a Trojan (http://www.techsupportforum.com/f100...es-474978.html), and it has become infected again. I do not visit suspicious sites so I do not know how this has occurred again.

After my daily AVG scan, an unfamiliar icon appeared in my taskbar. It was a green shield and was called "Antispyware Soft." It notified me that my computer was infected and that it was running a scan for me. I realized that it was fake and tried to exit the program through my taskmanager, but a windows security box opened, said my taskmanager was infected, and asked if I would like to run an antispyware scan - I couldn't "x" out the message, so my only option was to click no. I also tried to open MBAM and AVG, but I received similar messages both times. Shortly after, I received two more "notifications" from the program that my computer was infected. I was unable to cancel or close these notifications, and they blocked my screen. I also received a popup through Internet Explorer.

I tried to download DDS, but I couldn't open the program. It seemed as if the file type was labeled as a screensaver instead. I didn't double check and immediately deleted it. In an attempt to avoid any more problems, I shut down my computer, but I don't know what will happen next :(

If necessary, I will try to download DDS and GMER to provide more information on my computer's status.

Sorry for all the trouble, and thanks fo... Read more

A:Fake Antispyware Program - "Antispyware Soft"?

Hello again, cherrrriex.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

Please download one of the files below, courtesy of BleepingComputer.com, and save it to your desktop.

rkill.com
rkill.pif
rkill.scr
rkill.exe

If necessary, download to a USB drive on another computer, and transfer them to your desktop.

Double-click one of them to run it. You don't have to run them all, just get one of them to run.

You may have to run it multiple times to kill all the processes that are controlling your machine.

Keep trying until your desktop goes away and then returns.

If you get a prompt from the fake AV, just leave it open. Try rkill again.

Do not restart your computer. If you restart, you will have to do it all over again.

------------------------------------------------------


Quote:




It seemed as if the file type was labeled as a screensaver instead




There is nothing wrong with dds.scr as you used the same file last time.

Now try running dds and gmer and post/attach the logs as before.

------------------------------------... Read more

Read other 11 answers
RELEVANCY SCORE 60.8

I'm posting here after being directed from http://www.bleepingcomputer.com/forums/t/324177/antispyware-soft-residual-problems-after-removal/I mostly run linux but my children run Windows. My son picked up an infection with the Antispyware soft rogue spyware/scareware virus. I was able to remove most of it with MalwareBytes and removing the startup programs and bad registry entries. I also removed the bad proxy entry. So now I can mostly use the internet, but there are still problems. When I try to run Windows Update, Internet Explorer says the page is cannot be displayed. When I go to windowsupdate.microsoft.com with the Firefox browser, it says that the connection was reset. When I go there from an uninfected machine I get a message from Microsoft to use Internet Explorer with ActiveX turned on, so I know the virus is blocking things at a low level. I can get to other microsoft.com sites, just not ones that seem related to updates. Other weird network things also occur. When I am doing a google search for virus information I will get hits from many sites, such as bleepingcomputer.com. If I hover over the link, it shows the correct URL. If I right-click on the link to open it in a new tab, it sends me to some other unrelated garbage site. If I right-click and copy the link location and paste it into the URL bar in a new tab, I get to the correct spot. It is very weird that I'm having problems with both IE and Firefox.I have reset all the settings in IE without any resolution.... Read more

A:antispyware soft

Hi egstern1,Welcome to Malware Removal (VTSMR) forum. I am going to assist you with your problem.Please refrain from making any changes to your system (scanning or running other tools, updating Windows, installing applications, removing files, etc.) from now on as it might interfere with our fixes. In case of making changes I shall assume my assistance is not needed any more.If the issue is not resolved please update me on the current condition of your computer.

Read other 10 answers
RELEVANCY SCORE 60.8

Hi.

About an hour ago, my computer started popping up with "Application cannot be executed. The file "...".exe is infected. Do you want to activate your antivirus software now?" when i try to open ANY application.

When i click 'No' it goes away for a second, and then a few moments later pops up again. If i click 'Yes', it opens up a webpage trying to convince me to buy "Antispyware Soft".

Also, When it opens up the Internet Explorer window to try and sell me the program, a window pops up with "Windows cannot access the specified device, path or file. You may not have the appropriate permissions to access them".

I don't know where it came from or how it got on my computer. I am running Windows Vista service pack 2.

Please help me get rid of this

A:Help Please!!! "Antispyware Soft"

Hello,There is a removal guide for this infection here: http://www.bleepingcomputer.com/virus-remo...ntispyware-softOrange Blossom

Read other 1 answers
RELEVANCY SCORE 60.8

I got myself infected with Antispyware Soft. I got rid of it with Malware Bytes but I think there might be damage or a residual infection. Computer is slow as molasses, my default settings are screwed up, internet is slow and I cannot seem to manually use Windows Update. I tried to follow your instructions but whenever GMER is done scanning and I try to save the results, it freezes so I cannot get that log for you.DDS (Ver_10-03-17.01) - NTFSx86 Run by Bonnie Peterson at 17:45:15.28 on Fri 05/28/2010Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_17Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1239 [GMT -6:00]AV: avast! antivirus 4.8.1368 [VPS 100528-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exesvchost.exesvchost.exeC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\WINDOWS\system32\spoolsv.exesvchost.exeC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSched.exeC:\Program Files\Google\Update\GoogleUpdate.exeC:\Program Files\Intel\Intel Matrix Storage Manager... Read more

A:Antispyware Soft

Hello and Welcome to BleepingcomputerPlease note we are very busy, so if I don't hear from you within 5 days the topic will be closed, If you have since resolved your issues I would appreciate if you would let me no so I can close this topic.We need to create an OTL ReportPlease download OTL from one of the following mirrors:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Under the Custom Scans/Fixes box at the bottom, paste in the following bold text.%systemroot%\system32\*.dll /lockedfiles%systemroot%\Tasks\*.job /lockedfiles%systemroot%\System32\config\*.sav%systemroot%\*. /mp /s%SYSTEMDRIVE%\*.exenetsvcsmsconfigdrivers32CREATERESTOREPOINTPush the button.Two reports will open, copy and paste them in a reply here:OTL.txt <-- Will be openedExtra.txt <-- Will be minimizedThanks

Read other 17 answers
RELEVANCY SCORE 60.8

Hello all! i am typing this topic on my wifes laptop because my desktop has a issue. I keep gettin errors that files are infected and my computer wont play them. Like my internet wont work because it says the site has viruses and what not on it which is false because its google or yahoo etc. It blocks everything i try to turn on...it blocked my AVG threat protector when i tried to run a scan and then i just keep gettin pop ups saying im infected and i need to unlock my subscription to antisoft protection program which i have no idea where that came from either cuz i use AVG. I tried that rkill program and it came up in a little black box and said it worked...The little green shield that is the icon for the antisoft protection program went away but if i restart my comp it comes back and i run rkill again and it takes the shield icon away once again but i cant use my web still but only this time i can actually open like aion online or wow or CS. (should have mentioned that b4 i couldnt even open my online games) However this problem still is a issue. Should i just wipe and go back to factory settings? And if i do wipe will i still have a workable windows vista?
Thanks for ur help in advance
-misplaced-

A:how do i get rid of Antispyware soft

ok...yes i know this is the SAME topic as another probably right below this one but i was told to make a new thread...even though he was fixed his own problem so i thought id use the same thread to save space (lol). OK either way not important but what is important is that i have this program blocking everything even my internet and my online games. This program says its called antispyware soft and has a little green shield icon. Please i need help...im not very good with computers lol i mean i know the basics but nothing in depth. Thank you for ur time and help.

Read other 11 answers
RELEVANCY SCORE 60.8

Hi all, thank you for your help in advance! I caught the Antispyware Soft bug yesterday, so I followed the tutorial at http://www.bleepingcomputer.com/virus-remo...ntispyware-soft. It seems to have worked, but I would like to be sure that it is gone, and possibly get the green light to use combofix to deal with the rootkit. Now, I have Windows 7 64-bit; am I protected against the rootkit? Additionally, GMER did not work due to the 64-bit. DDS (Ver_10-03-17.01) - NTFSX64 Run by Johnny at 23:26:18.84 on Mon 06/07/2010Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_18Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3999.2392 [GMT -4:00]============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSc:\Program Files\Microsoft Security Essentials\MsMpEng.exeC:\Windows\system32\atiesrxx.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_10227f8c486f7892\STacSV64.exeC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\Hpservice.exeC:&... Read more

A:Antispyware Soft

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 5 answers
RELEVANCY SCORE 60.8

This stupid virus has disabled everything, I can't get on the internet, can't boot to safe mode with networking and I can't run malwarebytes. Looking for some help.

A:Antispyware Soft

Hello and Welcome to TSF.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

Let's try creating a boot disk that may allow me to get you going:

Using OTLPE

This file is quite large, and requires a CD/DVD burner, and a blank CD on a clean machine. A USB device would be handy as well.Download and install ISOBurner. This will allow you to burn OTLPE.ISO to a bootable CD. Here are ISO Burner Instructions

Download OTLPE.iso and burn to a CD using ISO Burner Or your own burning application). NOTE: This file is 270Mb in size so it may take some time to download.
Once the download is complete, double-click on it. This will open ISOBurner to burn the file to CD.
Reboot your affected system using the boot CD you just created.

Note : If you do not know how to set your computer to boot from CD follow the steps here

Your system should now display a REATOGO-X-PE desktop.
At this step, you should be able to save any data files to an external USB drive. Do so now, then continue.
Double-click on the OTLPE icon.
When asked "Do you wish to load the remote registry", select Yes
When... Read more

Read other 2 answers
RELEVANCY SCORE 60.8

So a few days ago, I discovered AntiSpyware Soft had embedded itself in my computer, resulting in warnings by a fake anti-virus program and my computer running very very slowly. After using StopZilla, as recommended by several sources online, the trojan seemed to be removed and was not detected by StopZilla or SpyWare Doctor, a scanner that was also recommended. Alas, tonight the fake anti-virus popped up again and my computer is back to running at a snail's pace.

Any help would be truly appreciated. Thank you so much.

HijackThis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:30:24 AM, on 11/20/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18319)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-S... Read more

A:AntiSpyware Soft

Read other 16 answers
RELEVANCY SCORE 60.8

I'm having trouble removing antispyware soft and who knows what else is infecting my computer. I tried following the guide but rkill.com is just not working out for me. I've ran and reran it around 30 times and each time, it gets killed.Here's my dds log:

A:antispyware soft

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 2 answers
RELEVANCY SCORE 60.8

I need some help with virus removal. Since it is infected I cant run any program without it being stopped and a pop up saying the file is infected.

A:Antispyware Soft

In one forum addressing this topic, the computer should be put in safe mode. then run rkill and malawarebytes. I am currently waiting on what malawarebytes scan to finish.

Malawarebytes found 7 viruses and removed them. Upon restart no popups appeared. So far so good. Anything else I should check or do?

Read other 1 answers
RELEVANCY SCORE 60.8

Hi, I recently had the nasty virus "Antispyware Soft" on my computer. Malwarebytes & AVG 9 took care of it. Well, my internet only works functions properly in Mozilla Firefox. Not in iTunes or Internet Explorer. And when I upload something it automatically goes to "Failure". Im just paranoid that I still have some type of virus. Please help :)

A:Antispyware Soft

Hello and Welcome to TSF.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

------------------------------------------------------

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post/attach the logs in your next reply.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

------------------------------------------------------

Read other 2 answers
RELEVANCY SCORE 60.8

Last week sometime I got hit with the AntiSpyware Soft virius trojan or whatever. I ran malware and got rid of what I thought I needed to get rid of. Since then my XP theme doesn't exist the computer is really slow and I am getting link redirects on google searches that don't take me to the right websites.I tried running the GMER program but it would crash and when it did get through I couldn't save the file because it would crash. DDS (Ver_10-03-17.01) - NTFSx86 Run by Owner at 10:41:22.45 on Fri 06/04/2010Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_17Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2551.1886 [GMT -5:00]============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\Program Files\AVG\AVG9\avgchsvx.exeC:\WINDOWS\system32\svchost.exe -k netsvcsC:\Program Files\AVG\AVG9\avgrsx.exesvchost.exesvchost.exeC:\Program Files\AVG\AVG9\avgcsrvx.exeC:\WINDOWS\system32\spoolsv.exesvchost.exeC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\AVG\AVG9\avgwdsvc.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exeC:\WINDOWS\System32\... Read more

A:AntiSpyware Soft

Hi,Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.Please reply to this post so I know you are there.The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.Once I receive a reply then I will return with your first instructions.Thanks

Read other 2 answers
RELEVANCY SCORE 60.8

I used MBAM to remove Antispyware Soft in Safe Mode with Networking. It appears to be removed, but I still can't get internet access through IE. It appears that proxy is not set (tick box is cleared).Suggestions anyone?DDS log:DDS (Ver_10-03-17.01) - NTFSx86 NETWORK Run by Toshiba User at 22:11:34.93 on Fri 28/05/2010Internet Explorer: 8.0.6001.18702Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1014.788 [GMT 10:00]AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\system32\svchost.exe -k netsvcsC:\Program Files\AVG\AVG9\avgchsvx.exesvchost.exesvchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\ctfmon.exeC:\Documents and Settings\All Users\Documents\dds.scrC:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpSvc.exe============== Pseudo HJT Report ===============uStart Page = hxxp://www.google.com.au/uSearch Page = hxxp://www.google.comuSearch Bar = hxxp://www.google.com/ieuDefault_Search_URL = hxxp://www.google.com/ieuSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8mStart Page = hxxp://www.muuler.com/uInternet Settings,ProxyServer = http=127.0.0.1:5555uInternet Settings,ProxyOverride = <local&g... Read more

A:Antispyware Soft

Hello and Welcome to BleepingcomputerPlease note we are very busy, so if I don't hear from you within 5 days the topic will be closed, If you have since resolved your issues I would appreciate if you would let me no so I can close this topic.We need to create an OTL ReportPlease download OTL from one of the following mirrors:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Under the Custom Scans/Fixes box at the bottom, paste in the following bold text.%systemroot%\system32\*.dll /lockedfiles%systemroot%\Tasks\*.job /lockedfiles%systemroot%\System32\config\*.sav%systemroot%\*. /mp /s%SYSTEMDRIVE%\*.exenetsvcsmsconfigdrivers32CREATERESTOREPOINTPush the button.Two reports will open, copy and paste them in a reply here:OTL.txt <-- Will be openedExtra.txt <-- Will be minimizedThanks

Read other 5 answers
RELEVANCY SCORE 60.8

Hi I need some help in removing antispyware soft. I tried going into safe mode with networking and using spyware doctor to remove it. I found the viruses and removed them however they keep returning after i log out and log back in. I can get rid of the process by opening task manager before it starts up and ending the process so i can access any program on my computer. I keep running scans and finding the same thing but they keep coming back, can someone help me?

A:Antispyware soft help

DDS (Ver_10-03-17.01) - NTFSx86
Run by wayne at 12:46:00.17 on Sat 05/29/2010
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_18
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1562 [GMT 10:00]

AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Wayne\Downloads\dds.scr

============== Pseudo HJT Report ===============

uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyServer = http=127.0.0.1:5555
uInternet Settings,ProxyOverride = <local>
uURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} -... Read more

Read other 3 answers
RELEVANCY SCORE 60.8

Hi,Thank you in advance; any help is very much appreciated.I was asked by Orange Blossom to paste / attach the following logs as a new post to this forum. She also said that since I had already ran "ComboFix" to go ahead and post that too.Earlier today I posted a detailed description of symptoms and actions taken since symptoms occurred. For your reference, here is my original post link: [topic="http://www.bleepingcomputer.com/forums/t/317830/browser-redirect-problem/"]http://www.bleepingcomputer.com/forums/t/317830/browser-redirect-problem/[/topic]If you need the description repasted here I can do that, just let me know. I am just trying to avoid clutter on the post. I can also post logs from malwarebyte and ESET too, just let me know.As per her instructions, I did the following:- Ran defogger to disable cd emulation- Ran DDS- Ran GMERThe logs are pasted in order they were executed as follows:1st - ComboFix2nd - DDS.TXT is pasted (Please note that I preceded the the paste with 10 asterisks **********3rd - ATTACH.TXT is attached4th - ARK.TXT is attachedComboFix 10-05-16.02 - stephen 05/18/2010 17:54:56.3.2 - x86Microsoft? Windows Vista™ Home Premium6.0.6002.2.1252.1.1033.18.3327.2111 [GMT -7:00]Running from: c:\users\stephen\Desktop\ComboFix.exeSP: Windows Defender *enabled* (Updated){D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} * Resident AV is active.((((((((((((((((((((((((((((((((((((((( Other Deletions))))))))))))))))))))))))))))))))))))))))))))))))).c:\programdata\pswi... Read more

A:"antispyware soft"

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 17 answers
RELEVANCY SCORE 60.8

Hi I have been infected with a few things, I believe. First off, Every once in a while, a program called Antispyware Soft appears. It tells me i'm infected and need to download software to remove certain threats. I thought i was able to remove it, but it once again reappeared after a few days. I also have a google redirect virus. Any search result i click on from google will take me to a results5.google site. I don't know if these two are related or not. I think one, or both, have something to do with the Mirar program which i cannot remove from my computer. I have AVG Free and Malwarebytes. Malwarebytes did remove some threats on the last scan, but i am still encountering the redirect virus and mirar is still there. While the antispyware soft isnt currently running, i'm sure its still on my computer.

A:Antispyware Soft

Hello and welcome... You need to do all the steps.Please follow our Removal Guide here Remove Antispyware Soft (Uninstall Guide) You will move to the Automated Removal InstructionsAfter you completed that, post your scan log here,let me know how things are.The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

Read other 17 answers
RELEVANCY SCORE 60.8

So I managed to get Antispyware soft on my computer. No program will open, I just get an error saying the program is infected and if I want to activate antivirus. I googled around and booted in safe mode, ran malwarebytes and it found some infections. I cleaned them but when I went back into normal mode the same things keep popping up. I've tried everything. Looking for any help to get this thing off my computer. Help me please. THANKS!
EDIT: I fixed it. mods can delete topic.

A:Help Please. I can't get rid of Antispyware soft

Im having the same exact problem! but im not a wiz on the computer lol. Can anyone help me out as well. I cant even use the the web like.....at all, im currently on my wifes comp. Plzz help thx!!

Read other 2 answers
RELEVANCY SCORE 60.8

Help ... This anti virus Program somehow got Into my TASKBAR it blocks everything ON My puter ...A yellow Balloon pops UP .... saying whatever I am trying to do is INFECTED ..... Add remove programs .... MSCONFIG ... My anrivirus programs ...My spyware programs and It won't let me continue with anything I tried downloading DDS from your websight and It won't let that run says thats INFECTED ... as near as I can figure it the only way OUT is to buy their stupid program ... ? All rights reserved, Antispyware Soft Inc, Antispyware Soft and Logos
are registered trademarks of Antispyware Soft Inc. They are Out of England .... any help would greatly be appreciated .... Thanks Phil

A:Antispyware Soft

Hello and welcome to TSF.


Quote:




as near as I can figure it the only way OUT is to buy their stupid program ..




No, please don't do that.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

===================

The following tool will help running our analysis tools.

If you have an active internet connection, copy/paste the links below into your browser, don't click them or the rogue might redirect. If you don't have an active internet connection, download the tools from another machine, and transfer them to the affected machine via USB flash drive.


Please download and run the following tool to help allow other programs to run. (courtesy of BleepingComputer.com)

There are 4 different versions. If one of them won't run then download and try to run the other one. You only need to get one of them to run, not all of them.

V... Read more

Read other 1 answers
RELEVANCY SCORE 60.8

I was infected with Antispyware Soft about a week ago, and I removed it, but then it came back, and my computer BSOD on me about 10 seconds after it came back.

I removed it with MalwareBytes Anti-Malware, but when going to the normal boot version of Windows 7, it still BSODs. I'm posting this while I'm in Safe Mode. The BSOD is IRQL_NOT+LESS_OR_EQUAL 0x000000a FWIW...

any help?

A:help with antispyware soft

bump please urgent

Read other 2 answers
RELEVANCY SCORE 60.8

My pc is infected by a malware from a company called Antispyware Soft, Inc. That is taking over my computer until I activate their software. Is there anything I can do to get rid of this thing?

A:Antispyware Soft, Inc.

Hello,There is a removal guide for that infection here: http://www.bleepingcomputer.com/virus-remo...-antivirus-soft If you still experience issues once you have completed the guide, then please follow the instructions in ==>This Guide<== starting at Step 6.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues and what you have done to resolve them.If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.Orange Blossom

Read other 1 answers
RELEVANCY SCORE 60.8

Hi guys

Today this Antispyware Soft popped up on my laptop, I gathered it was something false as i have never downloaded that. As you probably know, it produces false claims that there are problems with your pc and therefore try trick you into buying it. I have already tried to get rid with the use of Hijackthis.exe which helps identify infected files and although the Antispyware Soft does not come up anymore im unsure if it has been fully removed.

Here are the logs you need.


DDS (Ver_10-03-17.01) - NTFSx86
Run by Lauren at 19:30:35.67 on 04/05/2010
Internet Explorer: 8.0.6001.18904 BrowserJavaVersion: 1.6.0_17
Microsoft? Windows Vista? Home Premium 6.0.6000.0.1252.44.1033.18.2046.967 [GMT 1:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Spyware Doctor with AntiVirus *On-access scanning enabled* (Updated) {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}
SP: Spyware Doctor *disabled* (Updated) {1C3EDD79-273E-46ac-99F8-EFA9E7CBC301}
SP: AVG Anti-Virus Free *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestr... Read more

A:Antispyware Soft

Hello, and welcome to TSF.

I am currently reviewing your log. I will be back with a fix for your problem as soon as possible.

Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Please be patient with me during this time.

Read other 19 answers
RELEVANCY SCORE 60.8

HiContracted the Antispyware Soft bug/virus last Friday, May 28th. Got hit with it all at once, with repeated warning boxes about all sorts of random programs, frozen browsers, and then the "program scan box" showing up and "running". I rebooted after about 15 minutes, and got MalwareBytes to update and run. It seemed to do the trick. I rebooted, then ran AntiVir virus scan, which caught a few other things. I rebooted, and then downloaded and ran SuperAntiSpyware, which caught a few MORE things. Everything seemed fine, but then the next day (Saturday 29th) things started acting funny again, though there weren't any more warning boxes or the AntispywareSoft program box. I then followed these instructions http://www.bleepingcomputer.com/virus-remo...ntispyware-soft I ran them twice for good measure, once in safe mode, once out. MalwareBytes didn't catch anything else, but I think something is still kicking. I cannot update Avira AntiVir at all (last update was Friday 28th). When I try to update SuperAntiSpyware I get error messages that it is being blocked (I did add it to the firewall exception list, and it did nothing). MalwareBytes does seem to be updating, but it's not catching anything. Browser still continues to run painfully slow, somethings seem to just not work, even though they should (e.g., Flash). Hopefully you can help me root this out for good. I know it's still in there - either AntispywareSoft, or something else now. Thank ... Read more

A:Antispyware Soft

Hello and welcome to Bleeping Computer. *Please Subscribe to this Thread to get immediate notification of replies. See HERE*It is important not to make any further changes or run any other tools/updates unless instructed to. This may hinder the cleaning process of your machine.*Please be patient, all Bleeping Computer helpers are volunteers and have lives outside this forum.*You must reply within 5 days otherwise this topic will be closed.=======================================================One or more of the identified infections is a Rootkit/backdoor trojan.This allows hackers to remotely control your computer, steal critical system information and download and execute files.I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.Though the trojan has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:How Do I Handle Possible Identif... Read more

Read other 28 answers
RELEVANCY SCORE 60.8

Have Antispyware Soft. SuperAntiSpyware doesn't detect/remove. Used rkill to disable and ran Malwarebytes - it ran, rebooted - still have it. Won't let me run rkill again. I'm able to access internet thru Mozilla. Wouldn't let me run DDS and GMER logs. Thanks for your help.

A:Antispyware Soft

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen. Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you let... Read more

Read other 13 answers
RELEVANCY SCORE 60.8

I need help with my mom's PC. She has been infected with antispyware soft. It is a virus that blocks everything you do and has popups that say that your system has been infected.Heres what I have done:Ran AVG- only cookies detected- deleted.Ran Malwarebytes- found virus..local file and 4 registry key which I quarantined & deleted.I found the virus file name "chfgpeftssd.exe" in the start up tab when I ran "msconfig" I unchecked it but noticed when I would come back to the tab it would be rechecked again. I am not sure how to remove it and figured I missed something.I need help seeing if I removed the virus all the way and if anything else is bogging the computer down.I appreciate your help! Thanks!Here is the hijack this log...Logfile of Trend Micro HijackThis v2.0.4Scan saved at 6:14:29 PM, on 5/25/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\LEXPPS.EXEC:\WINDOWS\system32\hkcmd.exeC:\WINDOWS\system32\dl... Read more

A:antispyware soft HELP PLEASE!

Hello gmsr4grls,Welcome to Bleeping Computer.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below I will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERE... Read more

Read other 22 answers
RELEVANCY SCORE 60

I had the antispyware soft trojan on my laptop recently and had gotten rid of it. I can use most things now but some things that require an internet connection will say that it cannot connect even though I am using the internet at the same time to type this.

The main thing that bothered me was that I couldn't use windows Live messenger or the laptop couldn't connect to their servers for some reason, I downloaded Miranda IM and could log on from there. I'm thinking it might be remnants from the trojan blocking the connection.

Please help.

A:Post antispyware soft

Hello and welcome to TSF.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Read other 1 answers
RELEVANCY SCORE 60

Hello all,

Today this Virus (Antispyware Soft) invaded my pc. I have read on several websites what to do and even downloaded spyware doctor software but it just found some other threats. I have also run scans on norton antivirus, ad aware malwarebytes, spybot search and destroy and 1 or 2 more such programs but i havent had any luck.

Spybot seems to have detected 1 or 2 threats which look like the examples of files that this virus might have installed but im not sure wether or not this will take care of it.

Need help to remove it completely please.

Thanks in advance,
P.V.

A:Antispyware Soft Problem

Hello,There is an uninstall guide for this rogue located here: http://www.bleepingcomputer.com/virus-remo...ntispyware-softOrange Blossom

Read other 1 answers
RELEVANCY SCORE 60

Woke up yesterday morning to have PC completely messed up. After reading through this forum and trying myself to fix the issues I run into a wall.

The problem we are seeing is a fake XP security message coming up. I believe we got rid of this issue using a combination of Spybot and Bit Defender 2011.

Was using avast, but this didn't catch the problem so it has been replaced.

The original XP security do not come up any more, nor does the fake shield icon appear in the bottom menu bar. New/knock on issues:
- Now any time we try to run any program is asks what do I want to use to open with instead of just opening.
- Also, the internet is super slow. Was running fine up until the fake xp issues. Now it takes forever to load anything.

I have followed the instructions listed on this site and have posted the below details. Hope someone can help me. Please let me know if any additional information is needed. Thank you - Brett


- I have included the Attach.ziip file as requested
- DDS txt info listed below
- We do not have access to a Windows Install disc, or a Boot CD



.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Lorrie Gow at 10:02:02.01 on Sat 04/23/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_17
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.767.404 [GMT -7:00]
.
AV: BitDefender Antivirus *Enabled/Updated* {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
FW: BitDefender Firewall *Enabled*
.
============== Running Pro... Read more

A:Antispyware Soft Issues

Hello, Welcome to TSF.
I'm nasdaq and will be helping you.

You may wish to Subscribe to this thread (Thread Tools > Subscribe to this thread) so that you are notified when you receive a reply.

Please read these instructions carefully and then print out or copy this page to Notepad in order to assist you when carrying out the fix.

Note that the fix may take several posts. Please continue to respond to my instructions until I confirm that your logs are clean. Remember that although your symptoms may vanish, this does NOT mean that your system is clean.

If there is anything you don't understand, please ask BEFORE proceeding with the fixes.

Please ensure that you follow the instructions in the order I have them listed.

Please do not install or uninstall any programs, or run any other scanners or software, unless I specifically ask you to do so. Also please copy and paste logs into the thread, rather than add them as attachments.
===

Unable to Start a Program with an .exe File Extension.

Download and run this File Association fix from Ramesh.
Unable to Start a Program with an .exe File Extension

Follow the instructions on the page.
<<<>>>

Please download Malwarebytes Anti-Malware and save it to your desktop.[list]
alternate download link 2Make sure you are connected to the Internet.
Double-click on Download_mbam-setup.exe to install the application.
When the installation begins, follow the prompts and do not make any chan... Read more

Read other 9 answers
RELEVANCY SCORE 60

Sorry if this is in the wrong forum...I was infected with Antispyware Soft about a week ago, and I removed it, but then it came back, and my computer BSOD on me about 10 seconds after it came back.I removed it with MalwareBytes Anti-Malware, but when going to the normal boot version of Windows 7, it still BSODs. I'm posting this while I'm in Safe Mode. The BSOD is IRQL_NOT+LESS_OR_EQUAL 0x000000a FWIW...any help?

A:Antispyware Soft and BSOD

I tried once again on booting to normal mode. BSODs right about 1 minute after desktop is loaded. There also seems to be a redirect virus as well. For instance, when I look up on Google "computer virus" and click on the first link (wikipedia page), it redirects me to some kind of a search engine site.Please help, I need to do a very important project for the weekend and I do not want this to derail my project.

Read other 38 answers
RELEVANCY SCORE 60

Logfile of Trend Micro HijackThis v2.0.4Scan saved at 5:34:44 AM, on 5/14/2010Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\Program Files\Alwil Software\Avast5\AvastSvc.exeC:\WINDOWS\Explorer.EXEC:\Program Files\IDT\WDM\sttray.exeC:\PROGRA~1\ALWILS~1\Avast5\avastUI.exeC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\Common Files\Real\Update_OB\realsched.exeC:\WINDOWS\system32\ctfmon.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Messenger\msmsgs.exeC:\Program Files\OpenOffice.org 3\program\soffice.exeC:\Program Files\OpenOffice.org 3\program\soffice.binC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Java ... Read more

A:Recently got rid of "Antispyware Soft"

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.We need to create an OTL ReportPlease download OTL from one of the following mirrors:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.In the custom scan box paste the following:CODEmsconfigsafebootminimalactivexdrivers32netsvcs%SYSTEMDRIVE%\*.exe/md5st... Read more

Read other 26 answers
RELEVANCY SCORE 60

Hi

Recently i got infected by the Anitspyware soft infection and i followed the instructions given from bleepingcomputer's guide to removing it. But now when i start my computer normally its very slow and will generally stop workin after a random time...first programs will stop responding and then the mouse will freeze and i cant do nothing except restart the computer.

It seems it might be when i try to access the internet ( which when i use firefox it still sends me back to google everytime i try to go somewhere )

I've ran MalwareBytes which found various infections and cleared em and i also ran Avast antivirus which found some infections which it got rid of.

I tried to restore system to an earlier date because i read that might work but system restore fails saying it cant restore.

Im using WindowsXP SP3

If you need more information let me know and thanks for any help,
K33ba

A:AntiSpyware soft infection

Hello and welcome. Let's see what shows up.Next run ATF and SAS: If you cannot access Safe Mode,run in normal ,but let me know.Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".From your regular user account..Download Attribune's ATF Cleaner and then SUPERAntiSpyware , Free Home Version. Save both to desktop ..DO NOT run yet.Open SUPER from icon and install and Update itUnder Scanner Options make sure the following are checked (leave all others unchecked):Close browsers before scanning.Scan for tracking cookies.Terminate memory threats before quarantining.Click the "Close" button to leave the control center screen and exit the program. DO NOT run yet.Now reboot into Safe Mode: How to enter safe mode(XP)Using the F8 MethodRestart your computer. When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu. Select the option for Safe Mode using the arrow keys. Then press enter on your keyboard to boot into Safe Mode. Double-click ATF-Cleaner.exe to run the program.Under Main "Select Files to Delete" choose: Select All.Click the Empty Selected button.If you use Firefox or Opera browser click that browser at the top and choose: Select AllClick the E... Read more

Read other 7 answers
RELEVANCY SCORE 60

Yep, this is round two of this thing infecting my computer. I think I've finally found the source of it, which would be a bunch of infected USB drives from the last time I got infected that I forgot to throw away. >_<

In any case, the USB drives have been completely trashed now. But I still need to get rid of this damn virus, and it's keeping me from running any executable files by telling me the program I'm trying to run is infected. I feel pretty dumb having to come back here for this again, but any help is greatly appreciated! And hopefully this will be the last time.

Edit: Oh, and I'm not sure if this is just me or not, but it seems there are instructions to remove this particular program on Bleeping Computer. The thing is, I can't access the website! I don't know if it's just me or if it's this bloody virus blocking the website, so..

A:Antispyware Soft infection

As a follow up, I remember last time that I could not get the DDS or gmer programs to run no matter what I tried. I also could not get a program called rkill to run, but OTL.exe was able to run and I was able to get logs from that. I have already redownloaded and run the program again, seeing as I still can't get DDS or gmer to work. I have the logs ready if needed.

Read other 3 answers
RELEVANCY SCORE 60

My daughter's computer has picked up the Antispyware Soft virus. I have attempted some of the downloads mentioned in other posts. DDS for example. The virus blocks that from being saved to anywhere. Also, trying to save some photos and other files, I am blocked from Explorer. Just trying to get to the first step. I am currently using my computer to communicate. Mozzilla is the only option for using internet with my daughter's computer (the one infected). I'm ready when someone else is!

A:Antispyware Soft Infection

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 2 answers
RELEVANCY SCORE 60

Hi, once again I'm returning here for help. I turned on my computer this morning and I get these security pop-ups saying things like 'Application cannot be opened. The .exe files is infected, would you like to run antivirus software.' So i tried running MBAM and SAS but neither would open.

I did a quick search on BleepingComputer and found other people with the same problem, so I tried doing what they did but my computer is still infected. I have OTL and OTH on my desktop right now and I still can't open either of them.

Any help would be appreciated, thanks.

Read other answers
RELEVANCY SCORE 60

Hello:I was attacked by AntiSpyware Soft last night and though I downloaded HijackThis and received a list of files, I don't know which ones should be kept or which ones should be deleted. I'd love to get help from a tech to review my list of files and tell me which ones I should delete. I'm extremely grateful for this forum - Thanks so much!Below are the file names:Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\WINDOWS\system32\bmwebcfg.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exeC:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exeC:\WINDOWS\system32\DVDRAMSV.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Common Files\Intuit\Upd... Read more

A:Attacked by AntiSpyware Soft - Please Help

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen. Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you let... Read more

Read other 2 answers
RELEVANCY SCORE 60

Hey!

I was just on facebook yesterday, no other browser window was open, I haven't had something annowing like this in AGES, but anyways, all of a sudden 'antispyware soft' came up saying I needed to fix some problems. I knew something fishy was going on straight away as I've never seen this 'software' before in my life. I hit ctrl alt del but it says the task manager is infected and needs to fix it, thus not opening it. No document of program can open unless it is called 'iexplore.exe' or 'winlogon.exe'. I assume because it also uses internet explorer to give me adverts for viagra.

I ran hijack this and got the following log, but dont know how to analyze it :/ Any assistance would be fantastic, as these pop ups, 'scanners' and whatnot are really irrirating. Besides from the fact I can open next to nothing..

Many thanks

Andeh

Read other answers
RELEVANCY SCORE 60

HelloI am trying to help my friend in trouble. She has been using Windows antivirus protection, all up to date and working. Today suddenly Antysyware Soft program just appeared and started to scan computer - computer got disconnected from internet by itself, cannot connect back again and it has gone mad. I am writing from another computer. Tried to install NOD32 antivirus to check for viruses but the infected computer is not allowing me to do that. It gives out many error messages:Security warningApplication cannot be executed. The file rundll32.exe is infected. Do you want to activate your antivirus software now? Another message that windows security centre gives out is:Antvirus software alertInfiltration alert - Virus attackYour computer is being attacked by internet virus. It could be a password stealing attack, a trojan - dropper or similar. DETAILSAttack from: - every few seconds it gives another one Attacked port: 34174Threat: Win32/Nuqel.Eanother Threat: BankerFox.Aand it gives another one every few secondsI cannot run any programs at all, install anything or connect to internet. I have unplugged the wire that connects the infected computer to internet. Operating system is Windows XPCan you please please help me?

A:bad Antispyware Soft program

Hi, I have put new windoows on this infected computer so it is working properly now, I will install all the needed protection. That was the best solution in this particular situation. Thank you, Sonja

Read other 1 answers
RELEVANCY SCORE 60

Hi~My computer was infected with the Antispyware Soft virus.I did some research online and I ran Hijack This and then selected a O4 thread that had tssd.exe from the scan results to be fixed (or deleted?).After doing this, the pop-ups stopped and I was able to run programs again.Unsure if I removed the virus from my system completely, I ran some scans.My computer was not clean as Superantispyware detected the Antispyware Soft virus and now I'm worried and confused.Attached is the DDS log...would the computer gurus please look over it and give me some advice? Thanks so much.My computer suffered a blue screen crash in the middle of the gmer scan so I'm a bit scared to run it again.Please let me know what I should do.I couldn't catch what the blue screen said...everything happened too quickly.However, once my computer restarted, there was an error message with something that was similar to atpow.sys (might have missed a few letters).And then my computer screen went black so now I'm really scared..................Please help me~~~I also included a HijackThis log file...let me know what else I can do to provide more information. Thank you very much for your time and expertise.

A:Antispyware Soft virus... please help~

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 2 answers
RELEVANCY SCORE 60

I believe I have at least one active malware on a Dell Inspiron laptop running XP.

On 6/4/10, I was browsing when Antivir gave me a warning that it found "TR/PWS.Sinowal" and attempted to quarantine. Immediately the Firefox began running much more slowly. Control panel takes forever to open. Also, Diablo 2, Youtube, or any kind of video playback freeze regularly.

Ironically, as I was searching for a Sinowal cure, the second or third site returned in a Google search gave me Antispyware Soft rogue malware. Since I was traveling, I gave up doing anything until I got home on 6/6 and after searching downloaded and ran Spybot and Malwarebytes in safe mode and in normal mode. Spybot did nothing.

Malwarebytes seemed to cure the Antispyware pop-up problem, but the game and video freeze persist. Also, I tried to update Antivir today and that failed. Not sure if related.

I will not try anything else until I receive recommendation.

Here is my DDS log:


DDS (Ver_10-03-17.01) - NTFSx86
Run by Chris at 20:15:54.43 on Fri 06/11/2010
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_17
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2046.1400 [GMT -4:00]

AV: AntiVir Desktop *On-access scanning enabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k ... Read more

A:Sinowal and Antispyware Soft

Hello aerugo94,

Your computer is still infected, one of which is the master boot record. I hope you have done as was recommended in our pre-posting topic and changed your passwords and logins to any financial sites you visit, from a known clean computer. If you have not, please do so as soon as possible and do not use this computer to access those sites until it has been cleaned.

==============================

It will require more than 1 round to clean the system. Please stay with me until given the 'all clear' even if symptoms seem to abate.

Download ComboFix from one of these locations:

Link 1
Link 2


* IMPORTANT- Save ComboFix.exe to your Desktop

====================================================


Open notepad and copy/paste the text in the code box below into it:


Quote:





DDS::
uInternet Settings,ProxyServer = http=127.0.0.1:5555
uInternet Settings,ProxyOverride = <local>






Save this as "CFScript.txt", and as Type: All Files (*.*)
in the same location as ComboFix.exe

***************************************************

Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

***************************************************





Refering to the picture above, drag CFScript into ComboFix.exe
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware ... Read more

Read other 11 answers
RELEVANCY SCORE 60

AntiSpyware Soft started appearing on my computer, at random so I went ahead and did a full scan with MBAM. Problem is, Every time I quarantine and remove the infections, they keep coming back.DDS (Ver_10-03-17.01) - NTFSX64 NETWORK Run by 2 at 16:54:46.76 on Tue 06/01/2010Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_15Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4063.2853 [GMT -4:00]SP: SUPERAntiSpyware *enabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\Explorer.EXEC:\Windows\system32\ctfmon.exeC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeC:\Program Files (x86)\Opera\opera.exeC:\Program Files (x86)\Malwarebytes' Anti-Malw... Read more

A:AntiSpyware Soft + Other goodies

Hi,Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.Please reply to this post so I know you are there.The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.Once I receive a reply then I will return with your first instructions.Thanks

Read other 2 answers
RELEVANCY SCORE 60

Ok, so as the title suggests I had it pop up on me don't know where it came from really but I'm fairly competent in the removal of it I'd just like some clarification that it is gone before I return to my everyday activities.CODELogfile of Trend Micro HijackThis v2.0.4Scan saved at 13:53:58, on 30/05/2010Platform: Windows 7  (WinNT 6.00.3504)MSIE: Internet Explorer v8.00 (8.00.7600.16385)Boot mode: NormalRunning processes:C:\Windows\SysWOW64\HsMgr.exeE:\Game's Installed\Steam\Steam.exeC:\Program Files (x86)\Windows Sidebar\sidebar.exeC:\Program Files\ASUS Xonar D2 Audio\Customapp\ASUSAUDIOCENTER.EXEC:\Program Files (x86)\Razer\Tarantula\razerhid.exeC:\Program Files (x86)\Razer\DeathAdder\razerhid.exeC:\Program Files (x86)\EVGA Precision\EVGAPrecision.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files (x86)\Razer\DeathAdder\razertra.exeE:\Virtual Hard Drive\vmware-tray.exeC:\Program Files (x86)\Windows Sidebar\sidebar.exeC:\Program Files (x86)\DAEMON Tools Lite\DTLiteShellHlp.exeC:\Program Files (x86)\Razer\DeathAdder\razerofa.exeC:&... Read more

A:Antispyware Soft, Recently had this pop up on me.

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 11 answers
RELEVANCY SCORE 60

Around 24 hours ago, Java popped up unexpectedly, without prompt; it seemed like it was loading something. Indeed it was, for shortly afterward, my computer was riddled with Antispyware Soft. I managed to get rid of it using Malwarebytes, after renaming the Malwarebytes exe file (MBAM.exe) to firefox.exe, since I noticed that Firefox was still working.It seemed to get rid of everything, but when the computer restarted, I noticed a few strange things. (1) The "theme" of the login window had changed from a Windows XP theme to a Windows Classic one (not really important, but interesting to note). (2) I could not log onto the internet; the DNS was not being properly "registered." I eventually worked my way around this by manually setting my IP address and DNS server. (3) Windows Media Player cannot play the file because there seems to be a problem with your sound device. I can get no sound from anything no matter what I try. (4) Google Chrome does not work. (5) Video card-related failure messages are becoming increasingly common.I did a google search and found that others had also reported losing sound, Chrome functionality, and internet after removing Antispyware Soft. I removed and reinstalled my sound drivers to no avail.I ran another Malwarebytes scan, a full scan this time, along with an ESET online scan. ~30 items were deleted this time, but absolutely nothing changed (in fact, it seems to have gotten even worse).For some reason, the browser f... Read more

A:The Remnants of Antispyware Soft

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.1.Please do not run any other tool untill instructed to do so!2.Please reply to this thread, do not start another!3.Please tell me about any problems that have occurred during the fix.4.Please tell me of any other symptoms you may be having as these can help also.5.Please try as much as possible not to run anything while executing a fix.If you follow these instructions, everything should go smoothly.Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.:run combofix:Please visit this webpage for download links, and instructions for running the tool: http://www.bleepingcomputer.com/combofix/how-to-use-combofixPlease ensure you read this guide carefully and install the Recovery Console first. The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.Once installed, you should see a blue screen prompt that says:The Recovery Console was successfully installed.Please continue as follows:Close/disable ... Read more

Read other 6 answers
RELEVANCY SCORE 60

I picked up the Antispyware soft virus. I was able to locate the tssd.exe file and delete it but i am still having a lot of trouble with this virus. I have been getting a lot of DNS errors. Which I think this virus is causing. I have recently fixed the RPCSs problem (I hope) so I can have internet access again. It took me about 20 tries but finally was able to pick up the DDS tools. Here is the log.DDS (Ver_10-03-17.01) - NTFSx86 Run by Drazala at 10:40:25.29 on Wed 05/26/2010Internet Explorer: 8.0.6001.18702Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1253 [GMT -5:00]============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\DOCUME~1\Drazala\LOCALS~1\Temp\Msl.exeC:\WINDOWS\RTHDCPL.EXEC:\WINDOWS\system32\RUNDLL32.EXEC:\Program Files\Winamp\winampa.exeC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\YouTube Downloader Toolbar\SearchSettings.exeC:\Program Files\Windows Live\Messenger\msnmsgr.exesvchost.exeC:\Program Files\Windows Desktop Search\WindowsSearch.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Internet Exp... Read more

A:Antispyware soft infection

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. HijackThis logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that it happens. Somethings to remember while we are working together.1.Please do not run any other tool untill instructed to do so!2.Please reply to this thread, do not start another!3.Please tell me about any problems that have occurred during the fix.4.Please tell me of any other symptoms you may be having as these can help also.5.Please try as much as possible not to run anything while executing a fix.If you follow these instructions, everything should go smoothly.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.Gmer is the best but can be hard to get a log lets try this and see what we get.Scan With RKUnHookerPlease Download Rootkit Unhooker Save it to your desktop.Now double-click on RKUnhookerLE.exe to run it.Click the Report tab, then click Scan.Check (Tick) Drivers, Stealth, Files, Code Hooks. Uncheck the rest. then Click OK.Wait till the scanner has finished and then click File, Save Report.Save the report somewhere where you can find it. Click Close.Copy the entire contents of the report and paste it in a reply here.Gringo

Read other 48 answers
RELEVANCY SCORE 60

My desktop appears to have been hijacked by a fake antivirus calling itself the antispyware soft virus. It has basically shut down all .exe commands, such that I cannot get online. I am on my laptop typing this now.

Per the prep guide, I attempted to run the defogger, DDS, and Gmer (via a flash drive) to post a log of the desktop, but the virus is preventing me from running each of these, saying that the found a problem running the program, and inviting me to activate them (the fake antivirus).

Any assistance is appreciated.

A:Antispyware Soft Virus

Hello,I found the summary instructions to remove antispyware soft virus here:http://www.bleepingcomputer.com/virus-remo...ntispyware-softand it appears that the virus has been removed.In addition to the malwarebyte's antimalware scan, should I run anything else to make sure my desktop is not carrying anything bad that may come online at a later point?Thanks again.

Read other 1 answers
RELEVANCY SCORE 60

Hello and thanks in advance for your assistance. My laptop is infected with Antispyware Soft and I've been fighting with it for three days. While surfing last night on my desktop I found this website and was thrilled to find free professional level assistance. My problem began by receiving an infection notification and solicitation from Antispyware Soft. During the time I was trying to find a fix on my own I performed a System Restore, following this I intended to run System Restore a second time but was confused and did a System Recovery. Things went from bad to worse at this point.

I did manage to find and restore My Photos, My Documents and My Music. I also managed to find what was alterred in my wireless network connection and regained access to the internet. I downloaded Malwarebytes and have run it several times but nothing has been detected. My antivirus, Eset, has detected nothing before or after the infection.

Following the infection none of the programs installed on the laptop would launch although after searching I found the programs but when dbl-clicked to launch the program they simply open all of the sub-folders. I was able to download or reinstall from disc several of the programs and they appear to be working properly. However at this time I'm unable to install from disc because the CD drive will not function and when an effort to launch is made the message "The base UI language directory is invalid".

Not realizing that a forum offering ... Read more

A:Infected by Antispyware Soft

Bump pretty please -- Forgot to mention that GMER will not load in normal or safe mode.

Read other 5 answers
RELEVANCY SCORE 60

Hey guys, im infected with antispyware soft and cant wait to get rid of it but dont know how though. Can you please help me? Whats the best way to get rid of this malicious ware? I have downloaded and run combofix. Is that the way to go? Even though i have performed combofix in the safe mode, i didnt wait until combofix finish creates a log. Would that be a problem? Any suggestion or advice? My computer seems to be OK for now, but i just want to make sure of it again. Thanks in advance guys. Cheers.

A:Need help!! Infected with Antispyware Soft!!!

Hi there, can anyone please help me? Its been awhile and it seems that im still having problem with the virus on my computer. Thank you very much.

Read other 5 answers