I had the same pop-up happen today. I use this PC only for bookkeeping and rarely surf the net. I am about 95% sure I got it from the TaxCut website - that is the only site that I have hit today other than Yahoo mail.
I was on TurboTax online recently doing my taxes. I doubt the problems would have come from there though. I tried that anti-rootkit program. When I scan my computer, either just searching for rootkits or performing an in-depth search, it just comes up with one file, c:\windows\System32\Drivers\aqam8pbs.SYS, and it says it's a hidden driver file. I'm not sure if that is something that is supposed to be there or not. I just know that after running the SUPERAntispyware program in safe mode, and finding over 102 bad files, the one program is still running that has no name. You all know what I mean, right? When you use Alt-Tab to switch between programs, you move it to Outlook Express and in the box below, it says Outlook Express, move it to the next thing and that name is there too. When I move it onto the mystery program, there is nothing below. All I see is the white box with the blue line at the top. Nothing so far has gotten rid of it. Any ideas?
I use Defender Pro security suite. It is powered by Kaspersky Labs and does a great job. Recently I had to renew, and the newest version is an all-in-one program. Literally an all-in-one. The antispy also checks for rootkits. It is not free, but works great. As with anything, you may get some false positives, but for the most part it works great. You may also want to try Spybot S&D. It does a good job as well of finding and getting rid of these things.
I've tried quite a few things trying to get rid of this mystery program: Spybot S&D, XoftSpy, Spy Sweeper, SUPERAntispyware, Ad-Aware 2007, and none of them have got rid of it. Some of them helped a good deal in ridding me of some nasty stuff though. SUPERAntispyware has helped the most. Has anyone had what I'm talking about? You don't see the program running when you use Ctrl-Alt-Del and look at the applications that are running, and it doesn't appear to be in the processes that are running. Yet it is there when I Alt-Tab.
I like to use Spybot, Ad-Aware, CCleaner, and BitDefender online scan. A lot of people don't know about BitDefender's online scan but it removes a lot of crap.
If you run these programs, your machine should be clean as a whistle. For best results run spybot in safemode by tapping F8 on the keyboard as the computer is booting. Then choose safemode with networking.
Mike W.
Technician - Computer Repair in Washington DC (http://www.techtrospect.com)
...the procedures suggested in the link I provided earlier? Here it is again:
http://forums.cnet.com/5208-6122_102-0.html?forumID=44&threadID=288404&messageID=2733056#2733056
Tried running RogueRemover from the link below:
http://www.malwarebytes.org/rogueremover.php
Hope this helps.
Grif
Just wanted to thank Grif. The link and walk-through instructions he provided saved my computer, or should I say my boss's computer {whew}. I am not all that computer savvy, and I was able to follow his instructions and get rid of this nightmare virus. Thank you Thank you Thank you.
You...Da...Man Grif.
This was a nasty little bugger.
It kept changing my background on me to a screen that said I had a kabillion viruses and needed their help.
I would try and follow links for uninstall info and it would take me somewhere else.
It even tried to mask itself as the blue screen of death in the form of a screen saver...it was telling me Windows was corrupt and that I needed to reboot...I hit a few keys and no response...rebooted and it happened again 5 minutes later...my screen saver is set to 5 minutes so finally I clue in and hit escape and it disappeared...then when I tried to change my screen saver settings, I had no settings tab under the properties menu.
Anywho...followed your advice and link to the RogueRemover software...downloaded it to Lappy...updated it...copied it to disk...threw it into the infected comp...ran the scan and everything was taken care of.
Thanks again,
Recceghost
Signed up to provide more feedback.
Friend of mine who is a bit too trigger happy with the clickey button downloaded an e-mail and then downloaded XP Antivirus 2008 onto his laptop.
What a pig it is to get rid of. I used various spyware cleaners to try and remove it and in the end landed up on this forum and cleaned the residue off with malwarebytes.
But here is a bit more info for all of you that suffer this nasty little perisher.
The laptop seemed to be crashing with the Blue Screen Of Death and then rebooting, but if you hit the enter/return key Windows was still running. Strange, that doesn't happen with a BSOD. I suspect this is some sort of screen saver made to look like a BSOD.
So after running your malware removal software I think you have to go to your display settings and reset your screen saver and desktop background image.
Still had to manually delete some of the other files mentioned in this thread, which seemed to be under slightly different names, and one still being listed in the msconfig start-up list which as directed we had unchecked.
We think we have removed all of XP antivirus 2008 now but he still feels that it is running a bit slow. My next step is to run Process Explorer http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx
to see if we still have anything unwanted running in the background and then run check disk, a good defrag program (O&O defrag) and finally give it a 'careful' registry clean as he had loads of malware on the machine.
He should now be protected against spyware creeping in and I hope he has learnt his lesson. NEVER OPEN UNSOLICITED E-MAILS and especially follow bogus instructions. (Unfortunately I can't tell you what the e-mail said or was titled).
Hope this is a little help to those who are suffering.
Thanks to the other contributors.
CAMRA Bob (That is as in Campaign for Real Ale)
Hello,
Have a Compaq Presario HP model SR5013WM with an Intel premium 4 CPU, 3.2 ghz, 1.5gb RAM, 32 bit o.s., running Windows Vista Basic.
A couple of days ago a 'microsoft windows alert' with a trojan-spy.win32.banker.aiw message popped up and I can't get rid of it. It also disables the mouse and after a couple of minutes it doesn't allow Firefox to get online.
I have run Adaware and deleted 22 bad files, also Norton Security has done a full scan and didn't find anything.
But the problem is still there...
Please help. How do I get rid of it?
If you'll read other posts from this thread, many go like this:
First, ,,,,
Please download Malwarebytes' Anti-Malware from the link below:
http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html
Double Click mbam-setup.exe to install the application.
* Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select "Perform Quick Scan", then click Scan.
* The scan may take some time to finish, so please be patient.
* When the scan is complete, click OK, then Show Results to view the results.
* Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.
* The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
_____________________
And IF you are not able to download these tools on your machine, please use a friend or family member's computer and download the Malwarebytes tool and its manual update from the link below.. Once downloaded, rename the program installer "mbam-setup.exe" file to something else like "Gogetum.exe", then copy the installer file and the update file to a CD or flash drive.. Transfer the file to the problem machine, then install the "Gogetum.exe" file, then run the update to get the program current.. After that, run a full system scan and delete anything it finds.
Malwarebytes Download Link (Clicking on the links below will immediately start the download dialogue window.)
http://www.besttechie.net/tools/mbam-setup.exe
Malwarebytes Manual Updater link
http://www.malwarebytes.org/mbam/database/mbam-rules.exe
After doing that, then download the free tool from the link below, install it, update it, then run a full system scan:
SUPERAntispyware Removal Tool
_______________
If you are unable to do any of the above steps, then, using a friend or family member's computer, please click on the link below and download the file, then create the Rescue disc mentioned.. When finished, place the Rescue disc in your problem computer, restart it and run the full scan.. Delete all items it finds.. When that's done, install the programs mentioned above and run scans with them as well.
Avira Rescue Disc Link
http://www.free-av.de/en/tools/12/avira_antivir_rescue_system.html
Hope this helps.
Grif
I had the same thing happen to me just about two weeks ago. I was directed to the Antivirus web site where I was instructed to download the XP Antivirus for free but also wanted to get your credit card information first. The next thing I knew there was about $75.00 taken out of my account for this virus protection, the only thing is that it didn't work. Now I'm trying to get my money back for something that didn't work and it made my computer worse than ever. I ended up having to re-program my computer like I did when I first got it and re-loaded the antivirus that came with my computer. That was the only way I could get rid of that popup that was showing on my computer. Now my computer works like it did when I bought it. I was just swindled into getting something that was supposed to be free for 75.00 bucks that did not work. Don't get taken in like I did. Just backup your system and reboot your computer, it should be fine. RICKSTER
Well, the site was really official-looking but still I got suspicious of it for a while, but I said, hey, it could be genuinely from Windows. It detected that I had 3 malware in my system, so for the other 2 to be deleted I had to download the installer, a small file, like 68kb. So I searched Google while downloading the file and then, guess what, I scanned it at first, AVG did not detect it, so I updated it and then after a while it alerted me that it was a trojan. So beware guys! I was wondering how the pop-up got through since I had my pop-up blocker on. I'm using Google Toolbar.
Antivirus XP appeared on daughter's laptop today and I wasn't able to uninstall it using Add/Remove Programs, etc. Furthermore, it would arbitrarily shut her PC off and the only thing I could access on it when it was turned back on is that program! I found a bunch of sites w. suggestions on how to fix it, but most of them were pretty detailed or involved buying another virus scan program (AVG did NOT find the virus, btw). The EASIEST way to remove it is to do a system restore. Do a system restore.
Go to START, PROGRAMS, ACCESSORIES, SYSTEM TOOLS, and SYSTEM RESTORE. Pick a date that you know is prior to XP Antivirus appearing on your computer and just follow the directions. I JUST did this a few minutes ago and it worked! No trace of that blasted program! The only potential problem is that anything that you've downloaded or any changes that you've made to your PC after the date you pick in system restore will be lost as well. GOOD LUCK!!
This is how I got rid of Antivirus XP 2008. It is different than the XP Antivirus 2008 most sites refer to.
First you need to stop the program from loading on startup. This is what you do to stop it:
Start, run
Type msconfig
Go to Startup tab
Uncheck lphc35dj0e1an
Uncheck rhc75dj0e1an
Click apply, then ok
Restart computer
Then you need to delete the main files this program uses. Delete the following file:
C:\windows\system32\lphc35dj0e1an.exe
Then delete the following folder and all files in it:
C:\program files\rhc75dj0e1an
This should remove the program from your system but you probably still have a warning message displayed as your wallpaper in Windows and the virus removed the ability to change the wallpaper or your desktop settings.
To restore ability to change your desktop settings and select a different wallpaper and screen saver do the following:
Start, run
type Gpedit.msc
Navigate to User configuration, Administrative Templates, Control Panel, Display
Right click on Remove Display in Control Panel
Click on Properties and select Disabled
Do the same steps to change the following attributes to disabled:
Hide Desktop Tab
Prevent changing wallpaper
Hide Appearance and Themes tab
Hide Settings tab
Hide Screen Saver tab
You should now be able to use your computer normally and change the wallpaper to something other than the warning message Antivirus XP 2008 set it to.
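A read-only check for the leftovers described in the post above, as an added example that is not part of the original thread; it also helps on Windows editions that lack gpedit.msc. The registry value names are the standard ones backing the listed policies, and the startup and file names are the ones that poster reported, so another infection may use different names.

```powershell
# Added example (read-only audit); not from the original thread.
# Value names are the standard registry backing for the policies listed in the post.
$sys = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\System'
$ad  = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop'
$policyValues = @(
    @{ Key = $sys; Name = 'NoDispCPL';            Policy = 'Remove Display in Control Panel' },
    @{ Key = $sys; Name = 'NoDispBackgroundPage'; Policy = 'Hide Desktop tab' },
    @{ Key = $ad;  Name = 'NoChangingWallPaper';  Policy = 'Prevent changing wallpaper' },
    @{ Key = $sys; Name = 'NoDispAppearancePage'; Policy = 'Hide Appearance and Themes tab' },
    @{ Key = $sys; Name = 'NoDispSettingsPage';   Policy = 'Hide Settings tab' },
    @{ Key = $sys; Name = 'NoDispScrSavPage';     Policy = 'Hide Screen Saver tab' }
)

# Report every lockdown policy that is still switched on (value = 1).
function Get-DisplayLockdown {
    foreach ($p in $policyValues) {
        $item = Get-ItemProperty -Path $p.Key -Name $p.Name -ErrorAction SilentlyContinue
        if ($item -and $item.($p.Name) -eq 1) {
            [pscustomobject]@{ Policy = $p.Policy; Key = $p.Key; Value = $p.Name }
        }
    }
}

# Report Run-key entries whose name or command contains one of the reported names.
function Get-SuspectStartup {
    param([string[]]$Names = @('lphc35dj0e1an', 'rhc75dj0e1an'))  # names from the post
    $runKeys = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
               'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
    foreach ($key in $runKeys) {
        $k = Get-Item -Path $key -ErrorAction SilentlyContinue
        if (-not $k) { continue }
        foreach ($valueName in $k.GetValueNames()) {
            $data = [string]$k.GetValue($valueName)
            foreach ($n in $Names) {
                if ($valueName -like "*$n*" -or $data -like "*$n*") {
                    [pscustomobject]@{ Key = $key; Value = $valueName; Data = $data; Match = $n }
                }
            }
        }
    }
}

# File and folder paths named in the post.
$paths = 'C:\windows\system32\lphc35dj0e1an.exe', 'C:\program files\rhc75dj0e1an'

Get-DisplayLockdown | Format-Table -AutoSize
Get-SuspectStartup  | Format-Table -AutoSize
$paths | Where-Object { Test-Path -LiteralPath $_ } | ForEach-Object { "Still present: $_" }
```

No output from all three checks means none of the listed policies, startup entries or paths remain for the current user.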