Over 1 million tech questions and answers.

How to Remove Win 7 Anti-Spyware 2011 (Fake Anti-Virus Infections)

Q: How to Remove Win 7 Anti-Spyware 2011 (Fake Anti-Virus Infections)

How to Remove Win 7 Anti-Spyware 2011 (Fake Anti-Virus Infections)





Quote:
If your PC is infected with the Win 7 Anti-Spyware 2011 malware or something similar, you?ve come to the right place, because we?re going to show you how to get rid of it, and free your PC from the awful clutches of this insidious malware (and many others)
Win 7 Anti-Spyware 2011 is just one of many fake antivirus applications like Antivirus Live, Advanced Virus Remover, Internet Security 2010, Security Tool, and others that hold your computer hostage until you pay their ransom money. They tell you that your PC is infected with fake viruses, and prevent you from doing anything to remove them.
This particular virus goes by a lot of names, including XP Antispyware, Win 7 Antispyware, Win 7 Internet Security 2011, Win 7 Guard, Win 7 Security, Vista Internet Security 2011, and many, many others. It?s all the same virus, but renames itself depending on your system and which strain you get infected with.


Source ...

RELEVANCY SCORE 200
Preferred Solution: How to Remove Win 7 Anti-Spyware 2011 (Fake Anti-Virus Infections)

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: How to Remove Win 7 Anti-Spyware 2011 (Fake Anti-Virus Infections)

Thanks for the information. I hope I never have to use it.

Read other 2 answers
RELEVANCY SCORE 129.2

I have XP Media Center Edition Version 2002 Service Pack 3. THE virus scan window pops up
with the name XP Anti Spyware 2011-Unregistered Version. I used the Windows Task Manager to close it.
Zone alarm also asked for ten.exe (I think was the name) to access the internet. I clicked on deny.
I shut down the computer and I am using a different one to post this message.
I have Avira Anti Virus, Malwarebytes, Super AntiSpyware, CCleaner and Spyware Blaster already installed.
It has been a while since I have posted about a virus problem, but I am familiar with the process.
Thanks for your help.

A:Fake XP Anti Spyware 2011 Virus scan

Try this:

http://www.bleepingcomputer.com/virus-removal/remove-win-7-internet-security-2011

Read other 11 answers
RELEVANCY SCORE 120

I have a nasty if not multiple nasty virus's and have not been successful removing them. It started with the XP Anti-Virus 2011 Removal fake anti-virus popping up with all real anti-virus programs disabled and anytime I try to go to an antivirus website I'm redirected to a random site. This happens in all browsers not just Internet Explorer. I also had many of my files changed to hidden file folders and also the start/all programs button does not show any of my programs. I mananged to get both Malwarebytes and Superantispyware on my computer and was able to get rid of much of the problems by running these programs. Now it seems the XP Anti-Virus 2011 has been removed but I still have the issue with my webpages being redirected depending on which page I try to access. I also have many processes that should not be running in the task manager and when i close them out they just start back up again. This worm seems to be accessing my iexplorer because there are multiple iexplorer.exe open at all times and sometimes the CPU Usage gets very high which is not normal for my computer. The final symptom is that at random times I get a webpage pop up or if not a webpage an error that reads like the following example:

An error has occured in the script on this page.

line: 13
Char: 1
Error: Object doesnt support this property or method
Code: 0
URL: http:/www2a.glam.com/mobile/detect.act?affiliatedld=288743725

Do you want to continue scripts on this page?

I will get at ... Read more

A:XP Anti-Virus 2011 Fake Anti-VIrus and webpages being Redirected Virus

Hello and welcome to the forums!My secret agent name on the forums is SweetTech (you can call me ST for short), it's a pleasure to meet you. I am very sorry for the delay in responding, but as you can see we are at the moment being flooded with logs which, when paired with the never-ending shortage of helpers, resulted in the delayed responding to your thread.I would be glad to take a look at your log and help you with solving any malware problems.If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed. If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator!
Do not d... Read more

Read other 17 answers
RELEVANCY SCORE 115.2

Hello, my name is Jake, and just last night I somehow acquired a fake anti-virus called XP Anti-Spyware. I cannot seem to get rid of it, it closes down Internet Explorer, and refuses to allow me to run McAfee or Malwarebytes Anti-Malware. I just ran HiJackThis and clicked "SCAN", the following are the logs from the scan results. I will post the first half of the log in this post, then the second half immediately following, please help:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:24:59 PM, on 3/24/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17095)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Acronis\BackupServer\backupserver.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\InterVideo\DeviceService�... Read more

A:Can't Get Rid of XP Anti-Spyware Fake Anti-Virus

Hello and welcome to Bleeping Computer.My name is km2357 and I will be helping you to remove any infection(s) that you may have.I will be giving you a series of instructions that need to be followed in the order in which I give them to you.If for any reason you do not understand an instruction or are just unsure then please do not guess, simply post back with your questions/concerns and we will go through it again.Please do not start another thread or topic, I will assist you at this thread until we solve your problems.Lastly the fix may take several attempts and my replies may take some time but I will stick with it if you do the same.Sorry for the delay in replying, the forum is very busy. If you still need help, please do the following:Step # 1 Download and run DDSDownload DDS and save it to your desktop from here or here or hereDisable any script blocker, and then double click dds.scr to run the tool. When done, DDS will open two (2) logs: DDS.txt Attach.txtSave both reports to your desktop. Post them back to your topic.Step # 2: Download and Run GmerPlease download gmer.zip from Gmer and save it to your desktop.***Please close any open programs ***Double-click gmer.exe. The program will begin to run.**Caution**These types of scans can produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries unless advised by a trained Security AnalystIf possible rootkit activity is found, you will be asked if you would like to perform a full scan. Cli... Read more

Read other 3 answers
RELEVANCY SCORE 112.4

I need some help with recent problems I've been having with my PC. There're pop-ups that keep coming back, and I don't know how to remove it. I've tried scanning with Ad-aware 2007, and I even used my CA anti-spyware and anti-virus but to no avail. So I tried manually removing it. I searched my PC for suspicious files. So I tried removing a bunch of files that may be malicious software like winctl.exe, and boat32. I found the instructions on removing them in this forums after searching for it in google. So I did that, but the pop-ups keep coming back. I tried using hijackthis, but I'm not sure which files to delete. I've tried fixing some files that I think are harmful, but it doesn't seem to help. Can you show me what to fix in my hijackthis log? The pop-ups are an advertisement on CiD something.

Oh, and I don't know why, but I when I check my task manager it says I have 2 iexplore.exe running when I don't coz I usually use firefox. When I end the processes they just come back. Can you help me? Thanks.

HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:59:55 PM, on 9/17/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Lavas... Read more

A:Solved: Need help, pop-ups, Ad-aware, and CA anti virus/anti-spyware can't remove it.

Read other 16 answers
RELEVANCY SCORE 111.2

I followed the steps on this thread:http://www.bleepingcomputer.com/virus-removal/remove-win-7-internet-security-2011I ran complete scan with malware, 3 viruses shown, removed them and rebooted.Still get the Anti-Spyware 2011 on reboot. What to do next??? Thanks in advance for help.Edit: Moved topic from AntiVirus, Firewall and Privacy Products and Protection Methods to the more appropriate forum. ~ Animal

A:Remove XP Anti-Spyware 2011

Try this:

http://www.bleepingcomputer.com/virus-removal/remove-tdss-tdl3-alureon-rootkit-using-tdsskiller

Read other 1 answers
RELEVANCY SCORE 111.2

I have been infected with XP Anti-Spyware 2011. I get pop up windows that are titled "XP Security 2011 - Unregistered Version". When I try to follow the removal guides "Remove XP Anti-Spyware 2011, Vista Security 2011, and Win 7 Internet Security 2011 (Uninstall Guide)Posted by Grinler on February 18, 2011 @ 09:52 PM" the following occurs.

When I run Rkill, the text in the command window is as follows: (I have downloaded all the different named files and the only ones that will launch Rkill.com and Rkill.scr. The spyware will prevent the others from running.):

--Preparing Rkill.

--Terminating know malware processes.
--Please be patient.
--sed.exe: can't read C:\DOCUME~1\xw4200\LOCALS~1\Temp\rks.log: No such file or directory exists.

I am not able to access explorer windows or run Malwarebytes'Anti-Malware on the affected PC. This has made the PC virtually useless.

Thanks in advance for any help

A:Remove XP Anti-Spyware 2011

Hi and OTL.exe can run from anywhere. It can be downloaded to a flash drive and ran from there. So lets try that.Download OTL.Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.OTL should now start. Change the following settings
Change Drivers to AllChange Standard Registry to AllUnder File Scans, change File age to 30Under the Custom Scan box paste this in
netsvcs
set /c
/md5start
UXTHEME.DLL
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
Userinit.exe
Explorer.exe
Winlogon.exe
Regedit.exe
SCLWAPI.dll
/md5stop
%SYSTEMDRIVE%\*.*
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job

Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt (first run only). These are saved in the same location as OTL.Please post the contents of the OTL.txt file and attach the Extras.Txt, if any, in your next reply.If unsuccessful, attempt to boot in Safe Mode with Networking. Are you able to obtain a connection to the internet and ... Read more

Read other 4 answers
RELEVANCY SCORE 109.2

Hello,Like another user here, I have just been hit with a brand new version of the X security 2011 fake antivirus program. This new version:1) Kills all versions of Rkill. It will run Rkill.scr but stops it giving a fake completion message. Rkill creates an error in the CMD screen but will not save a log file. The log.txt screen that appears when RKILL 'finishes' shows no processes stopped.2) It kills Fire fox 3.6x and internet explorer dead. No access whatsoever. If you click on the virus program, it will try to launch internet explorer internally but it cannot be launched any other way. (I tried this is safe mode, so it could not connect.)3) Blocks Roguehunter and Spyhunter from launching (along with malware and Rkill) even in safe mode.4) Blocks OTL.exe. Won't launch at all. (Sorry, I can't give you a log.)It does:1) Launch a process called WXT.exe whenever it is trying to validate a program. This process jumps all over the Task manager screen so as to be hard to stop.2) Takes over the SAFE MODE as well as a normal boot. RKILL nor any of the mentioned programs cannot be launched from here either.I am using a p4 32 bit window XP machine. I have an original copy of windows. I will try to provide any other information I can but this one is a bad one and it has greatly limited me in what i can do.I believe it's check the file structure of Rkill in some way so renaming the file will no longer work. Is there yet another version?I know this informati... Read more

A:New version of 'xp security 2011' fake anti virus program

April 14thI found this on Microsoft's site.This is another example of the increasing sophistication of this type of malware. FakeRean has also introduced another way of ensuring it is automatically started. It modifies the registry to associate .exe files with its own executable, so the rogue is run whenever any program is launched. Unlike other rogues, such as Win32/FakeScanti, it doesn't just use this technique to block other programs from running, but if the rogue is removed without restoring the registry then .exe files can no longer be run. The EXE file extension needs to be re-associated in order to restore normal functionality. Please see our encyclopedia entry for further detail.This explains why when I removed the Fakerean, none of my programs would work. It killed the registry. Looks like my only solution to restore my programs was the system restore point.This might also explain its safe mode trick. It may have done a redirect to itself. "Seeing" the computer was being launched in safe mode, the program substituted its own.That listing was from March of 2010. It's not a stretch to imagine someone has moded the Fakerean to include the safe mode gag in the ensuing year.I hope this helps some people out there. This was a nasty one because of its registry hacks. It made all of the software you combat this sort of thing with useless.Maybe everyone already knew about this. I don't know. But hopefully this will help some others out there.S... Read more

Read other 3 answers
RELEVANCY SCORE 106

I have gotten the Fake Anti Virus 2011,
Have followed the directions from (Bleeping Computers) web site using, RKILL, Malware Bytes and Security essentials. When i am finished my icons on the descktop were gone, (Fixed them with "properties, advanced aand unclicking hidden files" but I still have no Icons in the all programs menu in the start menu except those that i have loaded since the fix. (PSI)
any ideas?

A:Missing Program Icons in Start menu. All Programs after fake anti virus 2011

What else is currently wrong with the system?

Any indication that your malware problems still exist?

Louis

Read other 7 answers
RELEVANCY SCORE 105.2

Hey guys, my other computer is infected with the Vista Anti-Spyware 2011 rouge anti spyware. I have tried to run MBAM with no luck (the malware opens up instead of MBAM) I am currently trying to see if it will work in Safe Mode. Also, this is my other computer and because of the virus it has no internet access (anytime I try to navigate to a page the malware pops up) so please keep that in mind as you're giving instructions.

Thanks a lot guys
 

A:Virus/Malware: Vista Anti-Spyware 2011 (rouge spyware)

Alright, so this is just and update and a bump since I haven't had any replies in 24 hours

I tried to run MBAM in safe mode and the virus still popped up so this thing is pretty entrenched. Help me out here guys, thanks
Thanks
 

Read other 2 answers
RELEVANCY SCORE 105.2

It seems my buddy's computer has some sort of Malware/Virus and has asked me for help.

3 screens appear on reboot.
Windows Security Center (lookalike)
-only has XP Anti-Spyware 2011 and Internet Options icons at the bottom
XP Anti-Spyware 2011 - Unregistered Version
-fake Infected listing
XP Anti-Spyware 2011 - Unregistered Version
-Attention Danger, blah blah

XP Home SP3
Can NOT turn on XP Firewall
Can NOT run Internet Explorer v8

Defogger - would NOT run, just does nothing when I try.
DDS - does run, logs created
Gmer - would NOT run, just does nothing when I try.

Booted into safe mode

Defogger - DID run, selected Disable
DDS - does run, logs created
Gmer - DID run, made sure options were correct, clicked Scan
-could not save log file as Safe Mode booted up into 640x480 video mode
-and save button was off the screen with no scroll bars to navigate to it
-No way to navigate to the Save button via mouse our keystrokes

Rebooted back to Normal mode

DDS - ran it again (attached Log files)
Gmer - still didn't run

Posted this information here

DDS.log:
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Owner at 19:37:15.00 on Thu 04/14/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1527.1122 [GMT -7:00]
.
AV: ZoneAlarm Security Suite Antivirus *Enabled/Outdated* {5D467B10-818C-4CAB-9FF7-6893B5B8F3CF}
FW: ZoneAlarm Security Suite Firewall *Enabled*
.
============== Running Processes ===============
.
C:\WIN... Read more

A:XP Anti-Spyware 2011 Malware/virus

Hello and welcome to the forums!My secret agent name on the forums is SweetTech (you can call me ST for short), it's a pleasure to meet you. I am very sorry for the delay in responding, but as you can see we are at the moment being flooded with logs which, when paired with the never-ending shortage of helpers, resulted in the delayed responding to your thread.I would be glad to take a look at your log and help you with solving any malware problems.If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed. If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
Do not do things I do not ask for, such as running a spyware scan on your computer. The one thing that you should always do, is... Read more

Read other 4 answers
RELEVANCY SCORE 104

Hello-
My computer keeps getting these popups about protecting against viruses and populates this fictitious list of infected programs that don't exist. I followed the removal instructions off of this website:

http://www.2-spyware.com/remove-vista-anti-virus-2011.html

After completing the first step, where i registered the number with the fake anti-spyware program, the popups stopped, and my computer is running really slowly but relatively normally as I run malwarebytes and avast full system scans. How can I know if I completely removed this thing after the scans are done? I just want to be sure that I get this taken care of instead of just making it not a visible threat that is still there.

-dave

A:Malware or Virus "Vista Anti-spyware 2011"

Please follow the instructions in ==>This Guide<==, if you want a deeper look.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include the link to this topic in your new topic and a description of your computer issues and what you have done to resolve them.If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.Once you have created the new topic, please reply back here with a link to the new topic.

Read other 3 answers
RELEVANCY SCORE 104

After following removal procedures from other websites, this thing is still on my computer and is slowing it down massively, and slowing down our internet connection as well. It is called Vista Anti-Spyware 2011, and I want to get rid of it but am not sure how. I ran avast and malwarebytes, but have been thus far unable to get it off of my computer. I can still access the internet, and open programs, but I can't close out the icon in the bottom right corner by the clock. I have attached the DDS file as instructed. Thanks for the help!-DaveThis is a continuation from this thread:http://www.bleepingcomputer.com/forums/topic395069.html/page__gopid__2230809#entry2230809A couple of the programs that avast is giving me warnings about are conhost.exe, dwm.exe, and csrss.exe. Once again, please help. This is in reference to this thread from yesterday:http://www.bleepingcomputer.com/forums/topic395086.html/page__gopid__2230812#entry2230812-daveEDIT: Topics and posts merged ~Budapest

A:Malware or Virus "Vista Anti-spyware 2011"

Hello and welcome to the forums!My secret agent name on the forums is SweetTech (you can call me ST for short), it's a pleasure to meet you. I am very sorry for the delay in responding, but as you can see we are at the moment being flooded with logs which, when paired with the never-ending shortage of helpers, resulted in the delayed responding to your thread.I would be glad to take a look at your log and help you with solving any malware problems.If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed. If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator&#... Read more

Read other 2 answers
RELEVANCY SCORE 104

On the screen stuff would pop-up like, this thing has been blocked would you like to block it and it would give you a yes or no option.
For example:A warning comes up when i try to access the internet saying do you want to continue with this because it could be dangerous.
Another pop-up gives me a scan about infected programs.
Attack From: 212.74.13.87 port: 36423
Attacked Port: 60209
Threat: Trojan-Proxy.Win32.Agent.q

Attack From: 163.237.214.232 port: 40925
Attacked Port: 27272
Threat: Exploit.CodeBaseExec

Attack From: 48.126.152.55 port: 35012
Attacked Port: 41255
Threat: Email-Worm.Win32.Eyeveg.f
--------------------------------------------------
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Veronica at 20:54:46.75 on Mon 11/04/2011
Internet Explorer: 8.0.6001.19019 BrowserJavaVersion: 1.6.0_24
Microsoft? Windows Vista? Home Basic 6.0.6002.2.1252.61.1033.18.2039.1196 [GMT 8:00]
.
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.ex... Read more

A:Anti-Spyware Vista Sercuity 2011 Virus

Bump.

Read other 8 answers
RELEVANCY SCORE 103.6

Have bad infection...need best free Anti-virus, Anti-spyware, and Anti-malware software please....

THANX

Running Windows XP
 

Read other answers
RELEVANCY SCORE 103.6

Hi Im new here this is my first post also my first problem

Well everything was going great no virus getting detected

I use ESET nod32, malwarebytes and SpyBot

Now my problem is that all of my protection applications wont Update

Also I can't access any protection site like Microsoft.com, Eset.com, the website of malwarebytes and Spybot
and last is that sometime (happens sometimes) computer auto shutsdown
with a timer of 60 seconds before shutdown (please save all works...)

all other applications and websites works great except for those I mentioned

HOPE u could help me if possible ASAP because I'm using my CPU for business purposes and advance thanks

sorry forgot my HJT Log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:32:38 PM, on 2/4/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\windows\system32\nvsvc32.exe
C:\windows\system32\svchost.exe
C:\windows\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\windows\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\I... Read more

A:Anti-Virus Anti-Malware and Anti-spyware not updating

Hi, welcome to TSF!

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

Read other 4 answers
RELEVANCY SCORE 103.6

Hi Im new here this is my first post also my first problem

Well everything was going great no virus getting detected

I use ESET nod32, malwarebytes and SpyBot

Now my problem is that all of my protection applications wont Update

Also I can't access any protection site like Microsoft.com, Eset.com, the website of malwarebytes and Spybot
and last is that sometime (happens sometimes) computer auto shutsdown
with a timer of 60 seconds before shutdown (please save all works...)

all other applications and websites works great except for those I mentioned

HOPE u could help me if possible ASAP because I'm using my CPU for business purposes and advance thanks

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:32:38 PM, on 2/4/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\windows\system32\nvsvc32.exe
C:\windows\system32\svchost.exe
C:\windows\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\windows\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\... Read more

Read other answers
RELEVANCY SCORE 103.6

My brother accidently installed a fake antivirus. It wont let him get on the internet, run basically any program (even taskmgr) or do much anything unless he "activates the antivirus" by buying it.

Iv tried running Remove Fake Antivirus 1.72, full system scans with Spy Sweeper and MSE. Nothing has worked. Any ideas?

A:Fake Anti-virus cant remove

Have you tried removing it in the safe mode or doing a system restore?

Read other 9 answers
RELEVANCY SCORE 102.8

And now I seem to have it on this labtop too--at least, the Anti-Spyware one. I'd like to focus on my main computer first through. My usual tools on it are Spybot, Avira, and Anti-Malware free version (if I have to buy the full version, I will). I also ran a Hijack-This log off of the main computer if that helps. Anti-Malware isn't working on that computer either--something about a Windows service being off? I appreciate any help you can give me.

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Administrator at 20:04:41.46 on Mon 04/18/2011
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_21
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2492 [GMT -4:00]
.
AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\WINDOWS\system32\netdde.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\system32\msiexec.exe
svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\System32\vssvc.exe
C:\Program Files\Common Files\Micro... Read more

A:XP Anti-Spyware 2011 and Google Redirect virus combo

Good evening. Take a trip to this webpage for download links and instructions for running Combofix by sUBs.* Please be aware that this tool may require the PC to be rebooted so close any programs you have open before you start. When CF has finished, it will produce a log - C:\ComboFix.txt - copy and paste it into your next reply. Let me know how the PC is behaving.* There are two points to note from the instructions page:1) The Recovery Console.It is recommended that you install this as, in certain circumstances, it may be the difference between a successful repair and a reformat. If you are uncertain as to whether or not you already have the Recovery Console installed, simply run CF and it will prompt you if it does not detect it.CF will complete some, but not all, of it's removal tasks without the installation of the Console so, should you choose not to allow the installation, you may not get the results you hoped for.2) Disabling your Anti-Virus.CF has been the victim of false-positive detections on occasion and a resident AV may incorrectly identify and delete part of the tool which won't do it much good. If you don't disable your AV, you may not get the results you hoped for either.

Read other 10 answers
RELEVANCY SCORE 102.8

I have successfully removed the virus but it stopped my internet connection. So now I don't have internet. Can anyone help?

A:XP Anti-Spyware 2011 Virus has killed my internet connection.

Let's see if you can get it back with this batch file:

Copy and paste these lines in Note pad.

@Echo on
pushd\windows\system32\drivers\etc
attrib -h -s -r hosts
echo 127.0.0.1 localhost>HOSTS
attrib +r +h +s hosts
popd
ipconfig /release
ipconfig /renew
ipconfig /flushdns
netsh winsock reset all
netsh int ip reset all
shutdown -r -t 1
del %0

Save as flush.bat to your desktop. Right click to run as Administrator.

If that doesn't work, make sure your not using a proxy server.

Disable the proxy settings in Internet Explorer:
1) Under ?Tools? in the browser tool bar select ?Internet Options?.
2) In the ?Internet Options? window that pops up, click the ?Connections? tab at the top.
3) Click ?LAN Settings? near the bottom of the ?Connections? section.
4) If the ?Proxy server? checkbox is marked with a check, click it to deselect/uncheck it.
5) Click ?Ok? to close the ?Local Area Network (LAN) Settings? window.
6) Click ?Ok? to close the ?Internet Options? window.
Reboot
Make sure "Proxy server" is still disabled under your LAN Settings.
Test whether internet connectivity is restored.

Read other 6 answers
RELEVANCY SCORE 102.8

My computer (it has Windows 2000...so I couldn't find where I could do a system restore which would be the quick fix) just got this fake virus alert and spyware program on it. My homepage in internet explorer is now set to //www.systemuptodate.net/ I think the file called: C:WINNT/system32/shdoclc.dll/navcancl.htm or something like that is the bad file but I couldn't find it to delete it on HJT.Here's my HJT:Logfile of HijackThis v1.99.1Scan saved at 9:39:40 AM, on 6/3/2006Platform: Windows 2000 SP2 (WinNT 5.00.2195)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Running processes:C:\WINNT\System32\smss.exeC:\WINNT\system32\winlogon.exeC:\WINNT\system32\services.exeC:\WINNT\system32\lsass.exeC:\WINNT\system32\svchost.exeC:\WINNT\System32\acs.exeC:\WINNT\system32\spoolsv.exeC:\WINNT\System32\Ati2evxx.exeC:\WINNT\System32\svchost.exeC:\WINNT\system32\hidserv.exeC:\WINNT\system32\regsvc.exeC:\WINNT\system32\MSTask.exeC:\WINNT\System32\WBEM\WinMgmt.exeC:\WINNT\Explorer.EXEC:\WINNT\System32\Atiptaxx.exeC:\Program Files\Common Files\AOL\1133407375\ee\AOLSoftware.exeC:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exeC:\WINNT\System32\de081d1d.exeC:\Program Files\Internet Explorer&#... Read more

A:Fake Anti-spyware/virus Program

Hi debbie703 and Welcome to the Bleeping Computer!Download smitRem.exe ?noahdfear, and save the file to your desktop.Double click on the file to extract it to it's own folder on the desktop.Please download FixWareout from one of these sites:http://downloads.subratam.org/Fixwareout.exehttp://www.bleepingcomputer.com/files/lonny/Fixwareout.exeSave it to your desktop and run it. Click Next, then Install, make sure "Run fixit" is checked and click Finish.The fix will begin; follow the prompts.You will be asked to reboot your computer; please do so.Your system may take longer than usual to load; this is normal.Once the desktop loads a text file will open report.txt,please save this report.Let the System reboot Normal once,then Reboot into SAFE MODE(Tap F8 when restarting)http://service1.symantec.com/SUPPORT/tsgen...src=sec_doc_namAfter restarting in Safe Mode,Configure Windows to Show All Hidden Files and Folders Here is a link to help with that:http://www.bleepingcomputer.com/tutorials/...62.html#win2000Open the smitRem folder, then double click the RunThis.bat file to start the tool. Follow the prompts on screen.Wait for the tool to complete and disk cleanup to finish.The tool will create a log named smitfiles.txt in the root of your drive, eg; Local Disk C: or partition where your operating system is installed.Open HijackThis-> Click "Do a System Scan Only" and put a check by these but DO NOT hit the Fix Checked button yetO2 - BHO: Nothing - {6ab7158... Read more

Read other 3 answers
RELEVANCY SCORE 100.8

Hi,

Thanks for the quick response. Please find the logs attached. If possible, once this is closed out, can i request these files be removed? Just wondering.

Thanks again for the help! It is much appreciated.

Thanks,

_________________________
Hi,

I've come to you guys with issues before and have always had success with you! I clicked on a banner on a website and got infected with some spyware or virus. I keep getting pop-ups as well as fake scans from a rouge "Vista Anti-Virus 2011" security center. It also requests that i purchase their product.

I have run the DDS and GMER but do not want to post it to the site since it is a laptop with sensitive information. If possible, can i send a personal message to show my scan results.

Thanks,

Read other answers
RELEVANCY SCORE 100.8

Hi,

I've come to you guys with issues before and have always had success with you! I clicked on a banner on a website and got infected with some spyware or virus. I keep getting pop-ups as well as fake scans from a rouge "Vista Anti-Virus 2011" security center. It also requests that i purchase their product.

I have run the DDS and GMER but do not want to post it to the site since it is a laptop with sensitive information. If possible, can i send a personal message to show my scan results.

Thanks,

A:Vista Anti-Virus 2011 Virus or Spyware

Hello,


Quote:




I have run the DDS and GMER but do not want to post it to the site since it is a laptop with sensitive information. If possible, can i send a personal message to show my scan results.




Unfortunately Assistance via PM is against the Forum Rules.

You didn't seem to have an issues with it when you asked for help several times in the past. If you're uncomfortable with the display of the logs, you would be advised to seek professional help.

If you still wish to receive help, please create a new thread and post your logs, as this one shall be closed.

Read other 1 answers
RELEVANCY SCORE 100.4

First of all i would like to apologize if this topic is in wrong category, or it should not even be asked on this site. And second of all, please be patience i'm a noob looking for answers So whats all about? Well i'm meeting new terms here and i have no idea what they mean and what they do. And as anyone else i wanna be safe in this era of cyber-crime. So basically i know whats a anti-virus and a anti-spyware and that they can run together. Also i heard that 2 anti-virus don't do good but 2 anti-spyware do. So what i'm asking is, what is a anti-malware? Can a anti-malware, anti-virus, and anti-spyware run together? Could you suggest some good+free of those 3? Sorry for my bad English and being such a noob

A:Anti-malware, Anti-virus, Anti-spyware

Florin, you might take interest in this thread, though it may be quite a bit of reading: What's the Best Anti-virus?

It is there that they discuss all kinds of different antiviruses and coupled security software. I personally only use Microsoft Security Essentials, but I have used it along with Malwarebytes for added security in the past.

Basically, you could have your system completely locked down with lots of extra security, but in some cases it becomes a hassle because of how much your computer becomes protected and overly secured. If you prefer a speedy computer over security, generally you use less security software, but if it is the other way around, you will want beefier security software which may slow things down slightly. That link I've provided will have most everything you will need.

Read other 9 answers
RELEVANCY SCORE 100

Hi there.

Two days ago I was sent a fake youtube link through YIM. I clicked on the link not knowing it was a fake. It started with a letter G before the words youtube on the URL. Once I clicked on it, it took me to a page that appeared to be a youtube page. Once there, it said that I had to update my Adobe in order to see the video. Well, like an idiot I clicked on it and all he-- broke loose. I now don't have access to use any of the following on my computer: Safe Mode, System Restore, Spybot Search and Destroy, AVG, Super Antispyware, or Ccleaner. If I hit F8 after rebooting the computer, it takes me to the black screen where I can choose Safe Mode. Once there, I pick safe mode and it brings me back to the same black screen over and over again. When I try to do system restore, it says it's disabled by group policy. I've searched high and low to try to fix the System Restore problem and it just won't let me. Can someone please help me? I'm going crazy over here. Thanks so much.
 

A:Fake youtube link gave me a virus, disabled spyware/malware/anti-virus

Hello again.

I have realized that I have this lingering around somewhere in my computer. $McRebootA5E6DEAA56$

Would anyone be able to tell me how I go about trying to find out in which folder this is at? I found this running when I entered msconfig on the Run field.
 

Read other 1 answers
RELEVANCY SCORE 99.6

This morning, my mom told me to look at her computer because there was something wrong with it. After an hour or so of looking at it, this is what learned:
There's an "Anti-virus" program installed on her laptop that makes claims of fake infections and attempts to lure the user into purchasing the full version of this so-called anti-virus program.

She uses AVG Free edition as her actual anti-virus. This new program (further to be called the "infection") wont allow me to open AVG.

The infection also redirects Internet Explorer to a page that says the following:
Internet Explorer alert. Visiting this site may pose a security threat to your system!
...
Things you can do:
Get a copy of 'Win 7 Security 2011' to safguard your PC while surfing the web (RECOMMENDED)
Run a spyware, virus and malware scan
Continue surfing without any security measures (DANGEROUS)Click to expand...

Upon looking into the running processes, I found something I've never seen before. An entry called "ugg.exe" and the description of which is "Gpg4win: The GNU Privacy Guard and Tools for Windows"
When this process is ended, the taskbar popups cease and any "Win 7 Security 2011" windows close. However, an attempt to run IE or AVG restarts this process and puts us back at square one.

Trying to open the file location of the "ugg.exe" file, it brings me to the AppData\Local\ folder, however, there is no such file in that locati... Read more

A:"Win 7 Security 2011" Fake anti-virus program

Read other 7 answers
RELEVANCY SCORE 96.8

Camera Wizard not poping up after removing Total Security/Antivirus Pro_2010 I have a PC with Windows XP SP3 with Avast, SuperAnti-Spyware and MBAM while browsing I got a yellow virus warning (something win32 I believe) from Avast pop up near the bottom tray and within seconds the Total Security pop-ups started. My PC slowed to a stop so I rebooted and saw that Antivirus Pro_2010 had installed itself on my PC. All my Anti Virus programs would not start (ie MBAM) so I ended up following forums to end some processes, delete some .dll files that were known to be malicious and rename the .exe's to get Anti Virus programs to run. I installed and used AVG which found a couple things. Then I used ComboFix, and finally I got MBAM to run which found a good 40+ trojans etc. I believe I got the virus off but I tried to restore to before I got the virus but was unable to. I have since run scans with MBAM and SuperAnti-Spyware which have found nothing. Avast also finds nothing but it has a list of 44 files (mostly in WINDOWS\ folder with the last path part of file doubled) that it is unable to scan: because "The system cannot find the specified path". When I look on my C: drive and follow the file path, the second to last part is always missing (ie. WINDOWS\addins\addins) addins is not there. When I plug in my camera, the camera wizard does not pop up anymore as it use to before I had and removed the virus. I also saw on the unscanable list that there was a WINDOWS\Connecti... Read more

A:Help to remove Total Security and Anti-Virus Pro_2010 rogue anti-virus programs

Can someone please help me?
 

Read other 1 answers
RELEVANCY SCORE 96.4

Hello, I consider myself a fairly advanced computer user, but I'm having an issue I'm 99% sure is MalWare related. My laptop freezes CONSTANTLY, sometimes out of nowhere, and sometimes when I walk away for 5 minutes. I have tried numerous times to run AVG, Ad-Aware SE, and both freeze shortly after the scan starts (also tried in SAFE MODE). Now sometimes I can browse the we for hours, but as soon as a start a scan, install, or update, these issues are more common. I am fairly confident that this is not a hardware issue, since I've ran advanced diagnostics on them all, including BIOS. I have a HiJack This Log, and help would be greatly appreciated!

HiJackThis.log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:17:22 AM, on 9/22/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\snmp.exe
C:\WINDO... Read more

A:Unable to Run ANY Anti-Virus or Anti-Spyware programs, Comp freezes every 5 minutes.

BUMP!

--sorry, I'm desperate.
 

Read other 3 answers
RELEVANCY SCORE 96.4

Hello,

I have a problem that is far beyond my limited skills. One of our people has a laptop that has either malware or a virus infecting it. Two symptoms are present: first, when using firefox web pages get redirected to advertising or to unrelated google searches; second, the machine seems more sluggish than usual.

I have tried to download anti-spyware software (e.g. Spy Sweeper, CounterSpy, MalwareBytes, Superantispyware, PC Doctor) and nothing works. In some cases such as Counterspy and PC Doctor, the executable will run but the program will not update (and thus, not allow for a scan). In other cases such as MalwareBytes, the executable simply will not run.

I have run a Trend Micro anti-virus scan. It seems to detect something but it crashes before the scan can complete. The same thing happens with Panda Activescan. Last night, I ran Panda Activescan for over 8 hours. When I woke up, the scan had frozen at the 52% point and had found 1 infected file, which it didn't appear to clean up.

Anyway, I'd really appreciate any help.
Best regards,
Jordan

A:HELP! -- Anti-spyware / Anti-virus doesn't work; malware crippling our machine

Uninstall all of the programs but Super Antispyware, Trend Micro and MalwareBytes AntiMalware.Find the MBAM.exe and rename it BAMM.com by right clicking on the file and choosing rename.Download the manual updates for MBAM from the link below. Double click on it to install. http://www.malwarebytes.org/mbam/database/mbam-rules.exeINSTRUCTIONS FOR USING MBAM:http://www.bleepingcomputer.com/forums/ind...t&p=1100727

Read other 1 answers
RELEVANCY SCORE 96.4

According to a story at Washingtonpost.com, the latest definitions for Microsoft's Anti-Spy flags Symantec's Norton Antivirus as a trojan and prompts users to delete essentials of the program. Users who follow the instructions hose their installation of Norton, requiring Windows registry edits and complete removal/reinstallation of Norton.

Microsoft's support forum is filling up with complaints, many from businesses that have been hard hit. This should be a cautionary note about deploying beta products in production environments.
 

A:READ!!!Microsoft Anti-Spyware Deleting Parts of Norton Anti-Virus

Read other 8 answers
RELEVANCY SCORE 96.4

Hello!

I've been doing a springclean for my PC, and I would be grateful if someone would check my hijack this log for problems.

I've run all of my anti-spyware and AVG programes first. But, I have a question: after my programes have scanned for problems and put all the bad stuff into quarentine, do I need to do anything else with them?

I'm not sure if I should be trying to find ways of removing trojans etc. or if it is ok to just leave them in the quarentine area indefinatly.

Thanks for your help!

-------------

Logfile of HijackThis v1.98.2
Scan saved at 13:43:41, on 24/04/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\AntiVirusKit\AVKService.exe
C:\Program Files\AntiVirusKit\AVKWCtl.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\pctspk.exe
C:\Program Files\AntiVirusKit\AVKPOP.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\WINDOWS\System32\ctfmon.exe
C:\freeserve\freeserveconnectionkit\atdialler1.exe
C:\Pro... Read more

A:Solved: A hijack this log, and a quick question re: anti-spyware and anti-virus programes

Read other 7 answers
RELEVANCY SCORE 96.4

Please help. I am working on a network and need a corporate anti-virus program and anti-spyware programs? I know McAfee and Symantec offer something, but I know the personal editions I have had a less than nice experience. Any suggestions?

A:Need A Corporate Anti-virus Program And Anti-spyware Programs? Any Suggestions

Take a look at this Spysweeperhttp://www.webroot.com/enterprise/products/

Read other 4 answers
RELEVANCY SCORE 96.4

I recently downloaded PC Security Shield (supposedly a good anti virus program) and Spyware Terminator (antispyware) and noticed that their icons sometimes, do not show up in my system tray when I boot up. And it stays like that. I've had no icons for three days now...huh?

I've looked up this problem in the accompanying (Security Shield) help menu and it wasn't any help....but it basically states no icon = no protection....so what the bejeepers can I do to fix this problem?
 

A:Anti virus/anti spyware programs missing from system tray

Just a quick thought, go to start-up options and see if they are listed as due to run on start-up, if you have no suitable programme to view your start-up programmes go to run and type msconfig and check the start-up tab
 

Read other 2 answers
RELEVANCY SCORE 96.4

Hello All,I am not able to update my Zone Alarm Internet security suite for some weeks now. I was directed here from the Zone Alarm Forum. Although I can browse through most of the websites, I am not allowed to access Zone Alarm update, Microsoft update. I also tried http://www.malwarebytes.org/mbam.php and also http://downloads.superantispyware.com/down...AntiSpyware.exe but was denied access both on IE and FirexFox.Further Filemon and RootkitRevealer do not work any on my machinePlease help.Thanks

A:Unable to access Anti-virus updates / Anti-spyware website

Thanks guys,
All problems solved Thanks to SuperAntiSpyware.

Read other 2 answers
RELEVANCY SCORE 96.4

I have just finished with my original support and probably have to reformat. However, I would like to find out what is going on or at least in some contribute to helping someone in the future so I have come here.Despite good computer hygiene, Adaware, Spybot, McAfee-now Kasperskey, CCleaner, HijackThis, updating (wondering if this might have brought in some problems), and Zone Alarm firewall, I have problems which I first noticed when I was hijacked from Paypal. This showed on my first HJT scan but disappeared without treatment shortly thereafter. My antivirus, etc., have been disabled although they LOOK as if they are working but don't so much as find a cookie anymore--except for CCleaner. Spybot doesn't find About:Blank but it showed up on the browser scan. I tried to delete it and it doesn't show on any scans but I still see it fly by the bottom of my screen as IE pages are loaded. When I go to my history or temporary files, when I can see them, they are mostly ad pages. I have tried all the usual CWShredder, etc., and they don't find anything.MWAV is the only scan that has shown much. When I submit some suspicious files from comboscan to either VirusScan or Jotti, more often than not they jam VirusScan and I get error messages from Jotti that it is either the wrong stream or the file is empty. Sometime the folders are empty. I have tried to rename them but many times I am not allowed. Sometimes when I explore I can see the folders have information but when I go... Read more

A:Anti-spyware & Anti-virus Disabled, Keylogger, Hijack, Worms

Download this program:submit files packerHighlight the files listed below in bold and right-click and selecting copy.C:\WINDOWS\zts2.exeC:\WINDOWS\system32\vcmgcd32.dllC:\WINDOWS\system32\iifgfgf.dllC:\WINDOWS\rundll16.exeC:\WINDOWS\rundl132.dllC:\WINDOWS\logo1_.exeC:\WINDOWS\system32\TASKMGR.COMC:\WINDOWS\REGEDIT.COMC:\WINDOWS\system32\T.COMC:\WINDOWS\R.COMC:\WINDOWS\system32\tmp.regThen start the file packer program and right click in the white box and select paste to paste the copied file names in the field.Then press the Continue button.I will create an archive with these files and a small log on your Desktop that starts with a name like requested-file[date].cab.Rename this file to yourmembername.cab (for example grinler.cab).Then go to:http://www.bleepingcomputer.com/submit-malware.phpand fill in the required fields and browse to this file on your desktop. Finally click on the Send File button.

Read other 54 answers
RELEVANCY SCORE 96.4

Hello. My Laptop has Windows XP SP3. I have both Windows Defender and Spy Sweeper for anti spyware and Norton Anti Virus. The problems started a few days ago when a weekly scan of the antivirus reported the following. 1/14/2010 20:06 23ecd795-1c985b76 ?????? Compressed file Quarantined admin C:\Documents and Settings\admin\Application Data\Sun\Java\Deployment\cache\6.0\21\ Still contains 3 infected items Quarantine Clean virus from file Quarantine infected file Scheduled scan The file was quarantined successfully. 1/14/2010 20:06 myf/y/TrewsdF.class Downloader File; Compressed file Quarantined admin C:\Documents and Settings\admin\Application Data\Sun\Java\Deployment\cache\6.0\21\23ecd795-1c985b76 Infected Quarantine Clean virus from file Quarantine infected file Scheduled scan The file was quarantined successfully. 1/14/2010 20:06 myf/y/LoaderX.class Downloader File; Compressed file Quarantined admin C:\Documents and Settings\admin\Application Data\Sun\Java\Deployment\cache\6.0\21\23ecd795-1c985b76 Infected Quarantine Clean virus from file Quarantine infected file Scheduled scan The file was quarantined successfully. 1/14/2010 20:06 myf/y/AppletX.class Downloader File; Compressed file Quarantined admin C:\Documents and Settings\admin\Application Data\Sun\Java\Deployment\cache\6.0\21&... Read more

A:Web Browsers Intermittently Hijacked. Malware undetectable by Incumbent Anti Spyware and Anti Virus

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.??If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine.??Please perform the following scan:Download DDS by sUBs from one of the following links.??Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explanation about the tool.??No input is needed, the scan is running.Notepad will open with the results.Follo... Read more

Read other 11 answers
RELEVANCY SCORE 96.4

Hey guys ... I've searched the forums and done just about everything that I can do so far to no avail and am at my wits end with this thing.So yesterday for no reason, FireFox just decides to close. Fine, no big deal, but then I relaunched and it did it AGAIN a few minutes later. Then I got the lovely Microsoft Security Essentials error message saying that I had a Trojan in Unknown Win32. Of course, I knew that was a fake, so I tried running my Spybot S&D, but it wouldn't load. Double-click, hourglass, nothing. Suddenly, I wasn't able to launch any anti-anything software, wasn't able to get to my regedit, task manager, nor launch a browser. Eventually, in safe mode, I located the Hotfix. exe, removed it, and the error message went away.However, I'm still unable to launch ANY anti-spyware/malware/virus software. In safe mode, I did actually download, register, and install StopZilla, which found 48 objects and removed them. I rebooted and ... yeah, same thing. Currently looking into getting a refund for that piece of fun.Spybot S&D loads in my systray and does the TeaTimer real time thing that it does, but I can't RUN it for scanning. Also, I have the installer for SuperAntiSpyware, but the nifty Double-Click, Hourglass, Done trick happens when I try to launch that for installation in safe mode OR out of it.In FireFox, I'll find a result for something that looks promising, click on it, and suddenly I'll be presented with another website ... Read more

A:WinXP - Unable to launch/install anti-spyware anti-virus and browser hijacked

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.Double click DeFogger to run the tool. The ap... Read more

Read other 2 answers
RELEVANCY SCORE 96.4

i have uninstalled norton anti-virus 2008 from my computer however it is still coming up in the start menu and loading on startup. i am wondering how i can remove this and other things from my startup? i can not install any other anti-virus until this is removed.

note: i tried removing them from startup once and it keeps telling me i have put it in a specific startup mode. but when i change the mode it still does not work.

i also removed a instance of windows xp from the boot.ini section that i did not need and when i change the mode the other instace comes back up on reboot.
 

A:Solved: help! norton anti-virus 2008 cant remove wont let me install another anti-vir

Read other 9 answers
RELEVANCY SCORE 96

Hello,

Firstly thank you for your help - I really do appreciate it.

My HpCompaq laptop is infected with a virus that is blocking multiple anti-spyware software, Vista updates, and even my Kaspersky anti-virus.

1) The virus does not allow me to access websites to download anti-spyware nor access the windows update site.

2) I have downloaded the following programs on another computer, burned on CD and run on my laptop:
- Malwarebytes Anti-Malware - Installed but does not run
- Spybot - Cannot install as access to the website is blocked during installation
- AVG Anti-Virus trial version - Cannot install due to 0x8007013d - Action failed for file avgmfx86.sys

3) I have managed to run CCleaner and clear out all the temp internet files

4) The HiJack This log reads:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:35:59, on 14/09/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16851)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\PDF Complete\pdfsty.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files... Read more

Read other answers
RELEVANCY SCORE 96

I use avast! anti-virus... and have for a long time. I've been using SuperAntiSpyware for several months (as well as other antispyware programs), too, and they've always co-existed together with no problems.

Suddenly last night, avast! alerted me that SuperAntiSpyware "contains a sample of a Win:32 Trojan".

I'm no expert but I'm thinking this is unlikely, so I have told avast! to ignore SuperAntiSpyware, and NOT scan that SuperAntiSpyware.exe file.

Is this foolish?

Should I allow avast! to move the offending file to quarantine?
Or should I uninstall SuperAntiSpyware first (since quarantining the exe file will certainly render it useless anyway)?
Or can I continue to ignore the warning altogether??

Any expert advice would be greatly appreciated!

Thanks in advance,

~Julie~
Additionally:

I connect to the 'net (and a home network!) wirelessly.
My computer spec's are in the profile.
 

A:Solved: Anti-Virus Suddenly Alerts Me to Anti-Spyware... ?

Read other 8 answers
RELEVANCY SCORE 96

http://www.bleepingcomputer.com/forums/t/43934/microsoft-anti-spyware-deleting-norton-anti-virus/

Read other answers
RELEVANCY SCORE 96

I ran AVG anti spyware and Trend Micro AntiVirus and then f-secure. after cleaning up some viruses and trojans i still am getting pop-ups while browsing the internet.

log file:
Logfile of HijackThis v1.99.1
Scan saved at 2:45:02 PM, on 10/21/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe
C:\Documents and Settings\Heather Beamish\Application Data\WinTouch\WinTouch.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\Heather Beamish\Desktop\notepad.exe

R0 - HKCU\Software\Microsoft\Internet Expl... Read more

A:Solved: Still Recieving pop-ups after running Anti-Virus and Anti-Spyware

Read other 6 answers
RELEVANCY SCORE 96

Hey,

How can I create a script that runs many different Anit-Virus, Anti-Spyware and many more one after another automatically?

Thanks
deanpcmad

A:Script To Run Anti-virus Anti-spyware, Etc Scans Automatically On After Another

I for one see a problem with 'automating' your malware tools, with a script. I don't allow any antimalware app to take action without prompting me for confirmation. That way I know what is coming up as malware. With a script you are trusting that it will make the right selection of actions without confirmation. The possibility is there to delete a perfectly legitimate file in error. Then you have to guess which application removed your legitimate file. Then you need to hope it can be 'restored'. In my opinion there is just too much trust and risk given to a script if it can even be done.

Read other 5 answers
RELEVANCY SCORE 96

That's pretty much my problem. I don't know any details that could help. I tried installing Spybot to scan for the problem but I couldn't install it because my computer couldn't connect to the website and I can't move on with the installation. I'm about to scan with Avast but I doubt it will help. I know I didn't say much substance but hope it helps. Here's the HJT log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:54:49, on 26/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.e... Read more

Read other answers
RELEVANCY SCORE 96

Hello. =)

I'd like to know if there's an anti-virus/anti-spyware that, if my computer accidentally gets cut off, will resume where it left off? So, if the scan was 20% complete, and the computer turns off, once the computer is restarted it'll resume at 20%.

More Information
My computer, for some odd reason, keeps randomly turning off -- especially at night (usually after midnight). I've tried removing dust from the vents, wiping the vents with a little rubbing alcohol and a dry cloth, and using a fan to blow into the vents (in case it's getting too hot inside the hard drive). Nothing works.

A friend of mine told me to run an anti-trojan program; unfortunately, that didn't work. I've also run anti-virus scans (with AVG Free Edition) and anti-spyware scans (with LavaSoft, Anniversary Edition), and those didn't work either. The last time AVG & LavaSoft did a full scan was early this year (maybe January or February). But now, when I try running full scans, the computer ALWAYS cuts off.

Usually when I turn the computer back on, it gets frozen at the blue "HP/Intel" screen (Screen 1 of 4). Sometimes it'll go straight to the black "boot screen" (Screen 2 of 4; i.e., the screen where you can choose to use the Home Recovery Console, or go straight into Windows XP)...but then it (usually) immediately cut off. [*]

[*] = When my computer boots up, I always see four different screens before it reaches my desktop: a bl... Read more

A:Is there anti-virus/anti-spyware that resumes if computer turns off?

Hello

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

---------------------------------------------------------------------------------------------

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

Read other 1 answers
RELEVANCY SCORE 96

Microsoft Anti-Spyware Removes Norton Anti-Virus Posted by Zonk on Saturday February 11, @06:32PMAn anonymous reader writes "According to a story over at Washingtonpost.com, the latest definitions file for Microsoft's Anti-Spyware beta flags Symantec's Norton Antivirus products as a password-stealing trojan and prompts users to delete portions of the program. Users who follow the instructions hose their installation of Norton, requiring delicate Windows registry edits and a complete removal/reinstall of Norton. http://it.slashdot.org/it/06/02/11/2259232.shtmlMicrosoft Anti-Spyware Deleting Norton Anti-VirusBy Brian Krebs | February 11, 2006; 01:42 PM ETMicrosoft's Anti-Spyware program is causing troubles for people who also use Symantec's Norton Anti-Virus software; apparently, a recent update to Microsoft's anti-spyware application flags Norton as a password-stealing program and prompts users to remove it.According to several different support threads over at Microsoft's user groups forum, the latest definitions file from Microsoft "(version 5805, 5807) detects Symantec Antivirus files as PWS.Bancos.A (Password Stealer)".http://blog.washingtonpost.com/securityfix...deleting_1.htmlEdit to include note from Oldfrog at CCSP: This refers to the Enterprise version of NAV and not the home version.

A:Microsoft Anti-spyware Deleting Norton Anti-virus

Microsoft AntiSpyware Definitions Update #5807 corrected this false-positive.http://forums.subratam.org/index.php?showt...view=getnewpost

Read other 1 answers