Computer Support Forum

Virus Removal Tool Program removal

Question: Virus Removal Tool Program removal

Hello:
I 'm not playing word games here. A month or two ago, I downloaded and ran the "Kaspersky virus removal tool". It found problems the other programs were missing. I followed directions and let it remove the problems. My big mistake was in keeping the program on the desktop to try again sometime. At some point WinUtilities, or Ashampoo Winoptimizer removed the Uninstall made by Kaspersky for this tool. The virus removal tool is not listed as a program, on Revo, Advanced Removal tool, or windows. It won't click to delete, but I feel it's a program, so maybe it shouldn't. It contains 321 MB,& 4890 files. Looking in permissions(security) of this "program", I seem to be lacking "Special Permission" . I'm afraid to tinker with permissions.
I would appreciate sincere , simple, step by step, help. I tried reinstalling a new Kas.virus removal tool, and then uninstalling it. Got rid of the new one , didn't touch the problem.
Thanks.

Relevance 100%
Preferred Solution: Virus Removal Tool Program removal

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

Answer: Virus Removal Tool Program removal

Try this tool at your discretion*. The utility should pick up on any remaining traces of the program and display it on its list for removal.* The Windows Installer CleanUp Utility is provided "as is" to help resolve installation problems for programs that use Microsoft Windows Installer. If you use this utility, you may have to reinstall other programs. Caution is advised.

4 more replies
Relevance 94.3%

MS Removal Tool is a rogue software. It restricts you from accessing your desktop. You cannot start Task Manager, and you cannot open Internet Explorer or any other programs. This situation is the result of malware (a variant of Win32/Winwebsec) that is infecting your computer.
To remove the MS Removal Tool, follow the steps below: Boot your computer into Safe Mode.
Windows XP and Windows Vista:Start your computer and press and hold the F8 key.A Windows Advanced Options menu will appear. Use your arrow keys to scroll to Safe Mode and click the Enter key.Click the Start button, and then click Run.Type cmd then click OK. A black command prompt window will appear.Locate the affected directories:
Windows XP:Type cd c:\Documents and Settings\All Users\Application Data\ and press the Enter key.Type dir and press the Enter key.
Windows Vista:Type cd c:\ProgramData\ and press the Enter key.Type dir and press the Enter key.Type c:\Users\All Users\ and press the Enter key.Type dir and press the Enter key.Scroll through the list to find directories with random names that contains 18 characters. For example: cHl08200gMhHd08200 , pJg08200fBmPl08200.Type rd /s /q <random name>, and then press the Enter key. Replace <random name> with the 18 character name. Repeat this step for each random name you find.Type reg delete hkcu\software\microsoft\windows\currentversion\run once /v <random name> /f, and then press the Enter key. Replace <random name> with the 18 cha... Read more

More replies
Relevance 88.56%

So in the past when dealing with virus removal, I generally took the hard drive out of the affected machine and placed it into an IDE or SATA dock to turn it into an external hard drive and have the virus non functional outside of its "startup and infected/affect state" rooted to the root OS of the drive it is on.I have seen online people claim to use tools like creating a Bart PE startup CD or DVD with an antivirus on that to clean the systems as well as someone else on another google hit claimed to use a Linux Live CD with an Antivirus on that to clean the drive of malware.Question I have is ... What are the best bootable tool methods of attacking the removal of the malware? I am guessing its the bootable CD or DVD method which introduces a read-only source to the equation of which the system also boots off of so that any viruses would not start up, cant infect the disc, and they can be detected dormant and removed. I tried to make a Bart PE disc once placing Norton Antivirus on it, but it doesnt function, and then if it did function, how do you update the definitions on a read-only disc.* I understand that there is the potential to infect my test station ( workstation I use for projects and data recovery and malware removal ) using my current malware/virus removal method. This is one reason why I never use my important systems to perform interaction with foreign drives to contain any infection to that of the test station which can be wiped out clean via a ghost i... Read more

More replies
Relevance 87.33%

This trick might be useful try it

Manually Update AVP Tool Kaspersky Virus Removal Tool Signature Databases ? Raymond.CC
 

More replies
Relevance 86.92%

Hello,

I am writing to seek your assistance with removing the Security Tool program that has infected my laptop. I accidentally clicked on the screen that allowed this vile virus to enter my system. I mistakenly thought McAfee was sending me a message.

I researched how to remove this program and learned that combofix.exe is the best software to remove this virus. It also said I should not run the program without a "helper" with technical expertise.

I am hoping that someone can assist me.

I would greatly appreciate your help and direction.

Sincerely,

drw0531

Answer:Security Tool program removal

Remove Security Tool and SecurityTool (Uninstall Guide)Posted by Grinler on September 25, 2009http://www.bleepingcomputer.com/virus-remo...e-security-tool--------------------------------------------------------------------------------------------------------------------------How do I get help? Who is helping me?http://www.bleepingcomputer.com/forums/t/182397/am-i-infected-what-do-i-do-how-do-i-get-help-who-is-helping-me/The use of Combofix or any other high level removal tool is not for this area. If your malware analysis log shows indications of the use of these tools, there is a high probability your post will be ignored, or moved as is to the most appropriate forum.As this is an open area, available for any member to post in, please use caution when following the advice given. Instructions from the following members is to be considered trusted:Admin | Site Admin | Global Moderator | Moderator | Malware Response Instructor | Malware Response Team | BC Advisor -----------------------------------------------------------------------------------------------------------------------------A Reminder To Our Members Regarding Malware Logs, Credit: Animalhttp://www.bleepingcomputer.com/forums/t/126946/a-reminder-to-our-members-regarding-malware-logs/Thus, only trained members of the following groups: Malware Response Team, Malware Study Hall Senior, Moderators or Administrators are allowed to help people with logs.

1 more replies
Relevance 86.92%

I cant remove a program using Add and Remove, but have downloaded a tool from Microsoft which will remove programs, but can't remember the Item Number in Microsoft can anyone help?

Answer:Program removal Tool Microsoft

yes, ahem, it's called Windows Install Cleanup! See you soon :-)

3 more replies
Relevance 84.87%

The latest: Removal Tool from Symantec:

http:[email protected]html
EDIT:
PLEASE NOTE: Since Symantec did a major change on how to handle this worm from their first instructions, (and my first post) I have totally modified this post, as of 0326 EDT Sept 20, 2003, to reflect those changes. This should avoid the problem that Alison had and was most likely the reason for Symantec's change.

You have been bitten by the latest worm, [email protected], and want to know what to do and how to get rid of it.

We here at TSG want to make that process easier for you.

The following is a short(er) version of what can be found at Symantec?s site.
http:[email protected]

Please go to the above link and read and understand about the Swen worm first, then return and follow the short version.

Removal Instructions

The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec and Norton AntiVirus product lines.

1. Disable System Restore (Windows Me/XP).

How to disable or enable System Restore in Windows ME

How to disable or enable System Restore in Windows XP

2. Modify the association for Registration Entries ( .reg files).
3. Create a repair.reg file on Desktop, double-click on repair.reg file to fix association settings for other file types.
4. Update the virus definitions.

5. Do one of the following:
a. Windows 95/98/Me: Restart the computer in Safe mode.
b. Windows NT/2000/XP: End the Trojan process.
6. ... Read more

Answer:[email protected] Worm Removal instructions + New Removal Tool

16 more replies
Relevance 84.46%

Please advise on how to remove the system tool virus to a not very computer literate person.

Answer:system tool virus removal tool

Hi, You will need to download a couple of things.Rkill at this linkhttp://download.cnet.com/RKill/3000...Malwarebytes at this linkhttp://www.malwarebytes.org/ update and run a full scan.Malwarebytes should remove it.

4 more replies
Relevance 84.05%

Hi all, my first post in here, so hello to everyone.

Could anybody be able to tell me how to completely remove Windows malicious software removal tool as it keeps coming up every time I turn on the laptop.
I have tried all usual channels like add/remove etc but can't see it anywhere. Could someone shed some light, many thanks

Answer:[SOLVED] Removal of 'Malicious software removal tool'

Have you let the MRT finish? The MRT is an On Demand anti virus scanneer with a very limited impact on the PC or
resources. there are NO reasons to remove it.

The utility is...
%windir%\system32\MRT.exe

Command line switches...

/? or /HELP = displays the command line switches
/Q = quiet
/N = detect only
/F = force extended scan
/F:Y = force extended scan and automatically clean infected files

If you really want to remove it browse to C:\Windows\System32 and delete MRT.exe

4 more replies
Relevance 82.82%
Question: Virus removal tool

My Norton has stopped and quarantined a virus in my computer. It is called Worm.Automat.AHBDoes nayone know of a tool for getting rid of it from my computer.

Answer:Virus removal tool

It's also known as [email protected]Removal tool: [email protected]" title="http://securityresponse1.symantec.com/sarc/sarc.nsf/html/[email protected]" TARGET="_new">click here

8 more replies
Relevance 82.82%
Question: virus removal tool

Hello
I guess I'am in the right forum to ask this question but I was reading bout the Sophos virus removal tool on Cnet I think if my memory serves me right.  any how I was interested to know more bout the Sophos virus removal tool.  I read that was OK to run this tool along side anti virus protection on pc.   I don't think I have a virus but was wondering what anyones opinion was on the Sophos removal tool.
 
thanks for reading, Gina

Answer:virus removal tool

Sophos Virus Removal ToolNOTE: If you run the tool, click 'Help' in the lower left hand corner, it provides an FAQ.Many vendors create specialized removal tools to deal with various infections and have them available for download on their website. If you need such a tool, it is best to download directly from the vendor's site rather than using a third-party hosting site such as CNET.Free Malware Removal Tools by Anti-virus vendors:BitDefender Virus Removal ToolsKaspersky Virus Removal ToolsESET Stand-alone malware removal toolsAVG Removal ToolsPanda Cloud Cleaner - How to disinfect computer with Panda Cloud CleanerSymantec Virus/Trojan Removal ToolsSymantec Security Risk/Spyware Removal ToolsNorton Rescue Tools: Norton Power EraserF-Secure Legacy Tools

1 more replies
Relevance 82.82%
Question: Virus Removal Tool

Hi experts,

Is there any tool that is compact in size and is able to detect and remove nearly all kinds of viruses and malicious programs...???

Thank You.

Answer:Virus Removal Tool

There are several, but not all of them will clean everything.

4 more replies
Relevance 82.82%

Anyone after a removal tool for these I-Worm/Mydoom.F and I-worm/Netsky - A to D variants Virus Removal Toolclick here

Answer:AVG Virus Removal Tool

do updates not detect this?

3 more replies
Relevance 82.82%

I had the ms removal tool virus. I downloaed and ran rkill. It worked. I downloaded and run the malaware program, it worked as described.
It said it needed to reboot the computer. It did, but now keeps going back to the safe startup screen selection and wont reboot to windows. What is wrong? Computer now worse than with virus.
Thanks.

Answer:MS Removal tool virus

Hello and to the BC forums.

Please sit tight and be patient.

I have requested that an experienced helper who specialises in un-bootable computers respond to your topic.

Thank you.

17 more replies
Relevance 82.82%

guys i have followed another thread on here about this virus and still cant get rid of it. i have run the dds and gmer logs and they are all attached.
your help will be much appreciated guys

Answer:ms removal tool virus

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen. Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you... Read more

2 more replies
Relevance 82.82%

i d/loaded this update last night but cant find it now, does it run automatically or does it need activating of some kind (if one can find it that is ;))johnny.

Answer:new xp virus removal tool

It runs from the Windows Update site but does not install on your PC.However, it leaves a log of the scan at Windows/Debug/mrt folder.

10 more replies
Relevance 82.82%

I have accidentally imported a virus called "ms removal tool" I havebeen advised by geekpolice this web site can help remove it

Answer:ms removal tool (virus)

Please follow this guide: How do I remove the MS Removal Tool Virus?

2 more replies
Relevance 82.82%

Avast! found W32:Trojan-gen. on my pc and I cannot remove it.

It was found here:

c:\_RESTORE\ARCHIVE\FS99.CAB1A0032296.CPY

twice.

I try to delete it, move it to the chest, repair it, and nothing. It says "Access is denied, cannot process."

Is there a removal tool I can use to get rid of this?

Please help.

Thanks in advance.

Also---when I run Adaware and Spybot it comes up clean.
 

Answer:Virus Removal Tool???

9 more replies
Relevance 82.82%

Does anyone know how to remove the MS Removal Tool Virus?ThanksEdit: Moved topic from Win 7 to the more appropriate forum. ~ Animal

Answer:MS Removal Tool Virus

Take a careful look, follow inssructions...exactly as written.Remove MS Removal Tool Malware, BC GuideIncluding those uner the "If you are still having problems" paragraph , good luck .Louis

1 more replies
Relevance 82.82%
Question: virus removal tool

I have Microsoft Security Essentials running on my Windows xp and it keeps finding the following items:

Worm:Win32/Rorpian
Exploit:Win32/CplLnk.A
Wrom:Win32/Rorpian.E!lnk

It states they are being removed, but they keep appearing almost every half an hour...

These are being found in the Setup50045.fon, setup50045.lnk, myporno.avi.lnk, and pornmovs.lnk files.

here i m attaching log file as advised. Any help would be appreciated.


thanks!

Answer:virus removal tool

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you are unable to create a log because your computer cannot start up successfully please provide detailed information about the Windows version you are using: What we in particular need to know is version, edition and if it is a 32bit or a 64bit system. [/b]If you are unsure about any of these caracteristics, just let us know and we'll help you figuring it out. Please also tell us if you have your Windows CD/DVD handy.Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about y... Read more

2 more replies
Relevance 82.82%

My computer has the MS Removal Tool Virus and the posted fix does not work for me.It will not access the internet but the proxy server box is not checked in Internet tools. MBAM cannot update due to that. The manual update for MBAM is 15 days old and does not find anything wrong. RKill stops the process but that's it.DDS WILL NOT WORK. I have used RKill, been in safe mode, etc, and DDS will not run for anything. I don't know what to do.I have attached the GMER log. Please help! I just got this computer and I am afraid it will be lost!MOD EDIT:: post you OTL and GMer logs and I'll clean this up.OTL logfile created on: 5/23/2011 1:56:40 PM - Run 3OTL by OldTimer - Version 3.2.23.0 Folder = E:\Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 6.0.2900.5512)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1015.36 Mb Total Physical Memory | 543.41 Mb Available Physical Memory | 53.52% Memory free1.64 Gb Paging File | 1.26 Gb Available in Paging File | 77.12% Paging File freePaging file location(s): C:\pagefile.sys 756 1512 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program FilesDrive C: | 55.89 Gb Total Space | 10.51 Gb Free Space | 18.80% Space Free | Partition Type: NTFSDrive D: | 0.94 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFSDrive E: | 491.73 Mb Total Space | 484.91 M... Read more

Answer:MS Removal Tool Virus

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Please take note:If you have since resolved the original problem you were having, we would appreciate you letting us know. If you are unable to create a log because your computer cannot start up successfully please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
If you are unsure about any of these characteristics just post what you can and we will guide you.Please tell us if you have your original Windows CD/DVD available.If you are unable to perform the steps we have recommended please try one more time and if unsuccessful alert us of such and we will design an alternate means of obtaining the necessary information.If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review your topic an do their best to resolve your issues.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply'... Read more

97 more replies
Relevance 82.82%
Question: removal tool virus

I was infected by a "Removal Tool" virus. Any suggestions on how to remove it?

Answer:removal tool virus

Hello, I moved this to Am I Infected. Did you mean MS Removal Tool ?Please follow our Removal Guide here Remove MS Removal Tool (Uninstall Guide) .After reading how the malware is misleading you ...You will move to the Automated Removal InstructionsAfter you completed that, post your scan log here,let me know how things are.The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

1 more replies
Relevance 82.82%

Hello all. Hope someone can help. I find one of my computers infected with the MS Removal Tool virus and have tried all the steps found here http://www.bleepingcomputer.com/virus-removal/remove-ms-removal-tool with no success.

After reboot, MS Removal Tool continues to be there. Have also tried running SuperAntiSpyware.

Here is the DDS Log. Looking forward to any/all replies. Thanks! ~Jack

.
DDS (Ver_11-03-05.01) - NTFSx86 NETWORK
Run by Administrator at 18:14:30.14 on Tue 04/12/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.446.277 [GMT -4:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Administrator\Desktop\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://att.yahoo.com
uSearch Page = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*http://www.yahoo.com
uSearch Bar = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q405&bd=presario&pf=desktop&parm1=seconduser
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=presario&... Read more

Answer:MS Removal Tool Virus

Virus removed! Downloaded all renamed copies of Rkill (WiNlOgOn worked) and ran that and then everything else within the instructions.

Thanks!

~Jack

2 more replies
Relevance 82.82%

Trying to opne my SAV 10 ANTI-VIRUS. MS REMOVAL TOOL VIRUS prevents me from opening the winzip to install the anti-virus. Any help for this problem? Please?

Answer:Cannot get rid of MS REMOVAL TOOL VIRUS to op

What do you mean

7 more replies
Relevance 82.82%

Hello,

My mom's laptop is infected with a crazy virus. Every time I start it up, MS Removal Tool pops up and starts running a scan. I tried downloading Malwarebytes but after downloading, I was unable to install it because a Warning message popped up in the lower right hand part of my screen saying it is infected. I then tried to downlaod Malwarebytes on a different computer, renamed it, and tried to install from a flash drive, but it still did not work. I seriously need help getting rid of this thing! Please Help!!!

-Jay

Answer:MS Removal Tool Virus?!

Have you tried running rkill before running malwarebytes jabidi see here

6 more replies
Relevance 82.82%
Question: Virus removal tool

I just found out that I have the W32 Netsky [email protected] virus. I need help to remove it.
 

Answer:Virus removal tool

http://www.majorgeeks.com/download.php?det=4063
 

9 more replies
Relevance 82.82%
Question: VIRUS REMOVAL TOOL

Where we can find an effective Removal Tool for the Virus S.hklmm.com   The Malware effected all programs even private financial institutions websites. 

More replies
Relevance 82.41%

What is MS Removal Tool?

MS Removal Tool is a fake system security software that is considered as a Rogue. Rogues are malicious programs that hackers use to trick users by displaying false threats and problems that it claims to have detected. In reality, none of the issues are real and are only used to convince the user into buying their software and stealing their personal financial information
Am I infected?

This is a screenshots of this rogue.

Removal Instructions
(If you experience any problems completing these instructions, please start a new thread here)

1. Restart your computer. As soon as your computer turns on, tap F8 until you reach the Advance Boot Menu. Use the arrow keys and select Safe Mode with Networking .

2. Download and run RKill.

Download mirror 1 - Download mirror 2 - Download mirror 3
Save it to your Desktop.
Double click the RKill desktop icon.
It will quickly run and launch a log. If it does not launch a log, try another download link until it does.
(This tools will kill the rogue's process temporarily. As a result, act quickly and move on to the next step.)

3. Download Malwarebytes' Anti-Malware to your desktop.

Rename the file to firefox.exe BEFORE downloading
Double-click firefox.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to
Update Malwarebytes' Anti-Malware
and Launch Malwarebytes' Anti-Malware

then click Finish.
If an update is found, it will download an... Read more

More replies
Relevance 82%

Hi All

I think I have the MS Removal Tool Virus on 2 pc's - my main pc runs Vista.

I've tried almost everything including:

> Rkill - which now doesn't find anything - although it did initially.
> Malwarebites - which now doesn't find anything - although it did initially.
> CCleaner, Adaware, Spybot & Avast - don't find anything
> I've tried to delete the taskmanager

I can access the internet in safe mode with networking and to a degree in normal start up, but the pc is still infected and not running particularly well.

I also tried running combofix and it generated the report below.

I'm desperate to fix this and really need somebody to talk me through it step by step as I'm not particularly pc literate and been trying to fix this for the past week almost constantly.

Please help!

Thanks

Jon

ComboFix 11-04-12.02 - Jon 13/04/2011 18:28:50.1.2 - x86 NETWORK
Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.44.1033.18.1789.1321 [GMT 1:00]
Running from: c:\users\Jon\Desktop\ComboFix.exe
AV: avast! antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
AV: Spyware Doctor with AntiVirus *Disabled/Updated* {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}
SP: avast! antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B}
SP: Spyware Doctor *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF... Read more

More replies
Relevance 82%

Security Tool virus has taken over my computer. I can't run task manager, regedit, msconfig, How do I remove this from my computer, please?

Answer:security tool virus removal

Hello and welcome... Iam moving this from Vista to the Am I Infected forum.You need to do all the steps ..Please follow our Removal Guide here How to remove XP Security ToolYou will move to the Automated Removal InstructionsAfter you completed that, post your scan log here,let me know how things are.The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

25 more replies
Relevance 82%

hi all,

i got a link in yahoo messenger saying "watch my vacation snaps" from my friend and when i clicked the link,auto generated messages were sent from yahoo and the "run" menu is not there in the startmenu . also the taskmanager also is disabled if the click ctrl +alt+del
when i scanned the computer
the following viruses were shown

trojan.adclicker
[email protected]
w32.sality.u
downloader

please help me to remove these viruses as direct removal tool is not available.

regards,
sunshine
 

Answer:virus removal tool needed

Welcome,

The best way is to post a HijackThis log and let an Log Expert to look at it for you.
Download HijackThis to your desktop

Double click on HijackThis on your Desktop
Then click on Unzip
It will install to Program files by default
Then Click Start>>>Run type C:\Program Files click OK
Look for a folder called HijackThis
Double click on it
On the right you will see a Icon of Dynamite with plunger
Double click on the Icon
Click on Icon and choose "scan system and save a logfile" usually in notepad
Copy and Paste the logfile in your next post
Using Ctrl+A to copy All and Ctrl+C to copy and Ctrl+V to paste.

 

2 more replies
Relevance 82%

Kaspersky? Virus Removal Tool is an utility designed to remove all types of infections from your computer. Kaspersky? Virus Removal Tool implies effective algorithms of detection used by Kaspersky Anti-Virus and AVZ Antiviral Toolkit.

Attention
Kaspersky? Virus Removal Tool is not capable for real-time protection of your computer. As soon as your computer is cleaned you are supposed to remove the tool and install a full version of antivirus software.

Further reading -

Kaspersky Virus Removal Tool

More replies
Relevance 82%

I started getting messages last night that some temporary file could not be saved because my hard drive was failing. Afterwards, I started getting popups for MS Removal Tool (fake antivirus). I got on the bleeping computer page and followed all the directions to remove this specific malware. After following all the directions and rebooting I still have major issues. Only a couple of my programs are showing from the Start Menu. I don't know where they all went. Mozilla Firefox is also completely gone from my computer. I am still getting the bubble popup message in the bottom right that says some temporary files is having a "write" issue.. (i forget what it says exactly).Here is a copy of my most recent HiJack this log. Please help! Thanks in advance.Logfile of Trend Micro HijackThis v2.0.4Scan saved at 1:51:48 PM, on 5/13/2011Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\Program Files\Intel\Wireless... Read more

Answer:Infected w/ MS Tool Removal Virus & Others

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

84 more replies
Relevance 82%

Recently the most of the part of U.S and Western Europe was taken for a ride by the Zotob worm threat. Zotob virus attacks computers having Windows 2000 operating system and takes advantage of a security issue that was addressed by Microsoft Security Bulletin MS05-039. This worm has many variants that install malicious software, and then spread over the healthy computers leaving them infected. Get solutions to remove Zotob virus.

VengaBoyz

Answer:Zotob Virus Removal Tool

As I posted to Junth2, Symantec also has the tool
http://securityresponse.symantec.co...32.zotob.e.html

http://securityresponse.symantec.com is always a good place to check for removal tools and instructions.

TrendMicro is another spot to check for tools and removal instructions

Thank you for giving me another resource, VengaBoyz

3 more replies
Relevance 82%

Hi, new here... Thanks for the help in advance.
I was trying to watch a movie from 10starmovies.com last night
and ended up with a virus. its called ms removal tool.
found the guide from this site to remove it and am trying to make my way thru the list.

helpful insight.... im on a hp laptop (virus infected) I have a desktop to work with also (not infected)

I have started it in safemode with networking
went to IE and went to tools, internet options, connections, LAN settings and proxy server box was NOT checked.

Next I log on internet still in safemode and try to download rkill and the laptop shuts off. restart and it shuts off again and again.
charger is plugged in and showing full battery. shuts off in random times. Also have tried to run malewarebytes that I already have on laptop
and it shuts off again and again.

Anyone know what to do?

More replies
Relevance 82%

I unfortunately had the system tool virus on my PC. I have followed your removal tool with no problems until i try to save the new hosts file. It will not allow me to save it as "I don't have permission to save in this location". I have down loaded the_hosts-perm.bat Download Link . i have deleted the old hosts file. Please can you help me I am just an amateur following instructions !!!

Answer:System tool virus removal

Hello,Please follow the instructions in ==>This Guide<==. If you cannot complete a step, skip it and continue.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues and what you have done to resolve them.If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.Orange Blossom

1 more replies
Relevance 82%

I have a vbs virus that antivir detected and deleted. msconfig has strange services listed under startup. i can't read the start up item or command because they are in a strange script of boxes (squares and rectangles). the registry key is . . . software\microsoft\windows nt\currentversion\windows.

i am running an xp os and have noticed ramped memory. i only have 192 mb of mem and the system runs (or says it is running) up to 260.

spybot and adaware are not finding any exploits and hijack this looks normal.
thanks for the help in advance.
 

Answer:vbs/newlove.a virus (NEED REMOVAL TOOL)

Please post your HJT log.
 

2 more replies
Relevance 82%

YAC Virus Removal software do?

YAC is exactly that: an efficient little program makes fast work of outdated registry entries, cookies, and temporary files. YAC also helps protect your browser from malicious plug-ins. Via clear out of cache/browser history,emptying the recycle bin,old Windows logs,memory dumps and other "unseen" objects to speeds up slow computers, helps save disk space and keep computer running smoothly.

- Scans a computer system at lightning fast speed, with a single button clean up and optimize the computer system
- Automatically clears cache/browser history and emptying the recycle bin
- Protect the browser from malicious plug-ins
- Software manager is used to remove processes which are currently running
- Disable or Start-up Delay some software that don't need to start along with the computer boot.
- YAC's Boosting ball, accelerates computer's running speed and keep computer running smoothly by one click.

Home Page

Note: I did not fully tested this tool just perform scan. I find some suggestion and hundreds of MB of junk . I hope some one tested this software thoroughly let us know the usefulness of this software as compare to other in this category .
Thanks
 

Answer:YAC Virus Removal Tool and Cleaner.

be careful webroot detected as malware and remove it quickly but online armor missed it hmmm got me thinking about online armor firewall any suggestions
 

5 more replies
Relevance 82%

I've attached, MBAM log, the DSS logs, and GMER log.I got hit with the security tool spyware thing and I followed all the steps from this pagehttp://www.bleepingcomputer.com/virus-removal/remove-security-toolI was downloading something and the download stops in the middle. Then a few minutes later a Security Tool scan pops up. I knew immediately it was a virus so I shut down the laptop. I used my another uninfected laptop and found the site I mentioned above went through all the steps in safe mode.Using malware antivirus I was able to remove 3 infected files but after I restart the computer System Tool is still on my computer.Every time I restart regularly(not under safe mode)there is a prompt:####################################################################User Account ControlDo you want to allow the following program to make changes to this computer?Program name: malwarebytes' Anti-MalwareVerified publisher: Malwarebytes CorporationFile origin: Hard drive on this computerYes No##################################################################I restarted a few times and tried yes and no, same thing happens.My background changed to "Warning? you're in danger! Your computer is infected with sypware...."and system tool scan pops up.What should I do now?I have Windows7.Here's another guide, both are rather complicated, I would ty to follow them exactly if possible?http://forums.malwarebytes.org/index.php?showtopic=66064&pid=334861&st=0&am... Read more

Answer:System Tool Virus removal Help

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the ... Read more

3 more replies
Relevance 82%

Hi All

I think I have the MS Removal Tool Virus on 2 pc's - my main pc runs Vista.

I've tried almost everything including:

> Rkill - which now doesn't find anything - although it did initially.
> Malwarebites - which now doesn't find anything - although it did initially.
> CCleaner, Adaware, Spybot & Avast - don't find anything
> I've tried to delete the taskmanager

I can access the internet in safe mode with networking and to a degree in normal start up, but the pc is still infected and not running particularly well.

I also tried running combofix and it generated the report below.

I'm desperate to fix this and really need somebody to talk me through it step by step as I'm not particularly pc literate and been trying to fix this for the past week almost constantly.

Please help!

Thanks

Jon

ComboFix 11-04-12.02 - Jon 13/04/2011 18:28:50.1.2 - x86 NETWORK
Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.44.1033.18.1789.1321 [GMT 1:00]
Running from: c:\users\Jon\Desktop\ComboFix.exe
AV: avast! antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
AV: Spyware Doctor with AntiVirus *Disabled/Updated* {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}
SP: avast! antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B}
SP: Spyware Doctor *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF... Read more

More replies
Relevance 82%

I am infected with the MS Removal Tool. When I boot up in regular mode, the program is open, and appears to be running. it has changed my background, and it will not allow me to open any applications.
I followed the directions on the following link, and everything appeaed to be successful, but when I rebooted the virus was still there.
http://www.bleepingcomputer.com/virus-removal/remove-ms-removal-tool

Now I am trying to follow these instructions, but I am stuck at the point where I get the GMER scan. I downloaded the pogram and opened it successfully. Then it starts to scan. Then i get the blue screen that says something bad has happened and windows is shutting down my computer to protect it. I tried to scan 2 more times, both ending the same way, so i am unable to complete the GMER scan.

Below is my DDS report.

.
DDS (Ver_11-03-05.01) - NTFSx86 NETWORK
Run by Rae at 9:06:47.64 on Mon 04/11/2011
Internet Explorer: 8.0.6001.19019 BrowserJavaVersion: 1.6.0_23
Microsoft? Windows Vista? Home Basic 6.0.6002.2.1252.1.1033.18.3573.2699 [GMT -6:00]
.
AV: ESET NOD32 Antivirus 4.0 *Enabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: ESET NOD32 Antivirus 4.0 *Enabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32... Read more

Answer:Infected with MS Removal Tool Virus

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen. Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you... Read more

2 more replies
Relevance 82%

Hi, i know your only supposed to use only one anti virus program. I run ESETS NOD32 can i also have the Sophos Virus Removal Tool installed for rootkits? Thanks.
 

Answer:Sophos Virus Removal Tool

Hello, Chala

Yes, it can be used along your anti-virus - however pay attention to this quote from the Sophos knowledgebase page.




Note:
You should always use the latest copy of the tool.
As the tool cannot self-update or be manually updated you must re-download the tool to receive the latest protection.
Click to expand...

It should be re-downloaded for each new use.

dr.m
 

5 more replies
Relevance 82%

I got hit with the security tool spyware thing and I followed all the steps from this page
http://www.bleepingcomputer.com/virus-removal/remove-security-tool

I was downloading something and the download stops in the middle. Then a few minutes later a Security Tool scan pops up. I knew immediately it was a virus so I shut down the laptop. I used my another uninfected laptop and found the site I mentioned above went through all the steps in safe mode.

Using malware antivirus I was able to remove 3 infected files but after I restart the computer System Tool is still on my computer.
Every time I restart regularly(not under safe mode)there is a prompt:
####################################################################
User Account Control
Do you want to allow the following program to make changes to this computer?
Program name: malwarebytes' Anti-Malware
Verified publisher: Malwarebytes Corporation
File origin: Hard drive on this computer
Yes No
##################################################################
I restarted a few times and tried yes and no, same thing happens.
My background changed to "Warning? you're in danger! Your computer is infected with sypware...."
and system tool scan pops up.

What should I do now?

I have Windows7.

Answer:System Tool Virus removal Help

Here's another guide, both are rather complicated, I would ty to follow them exactly if possible?

http://forums.malwarebytes.org/index.php?showtopic=66064&pid=334861&st=0&#entry334861

8 more replies
Relevance 82%

http://nakedsecurity.sophos.com/2012/04/11/free-virus-removal-tool-for-download-from-sophos/
 

Answer:Free Virus Removal Tool

Free virus detection and removal


Removes viruses, spyware, rootkits and fake antivirus
100% free! Totally, absolutely, completely
Supports Windows XP, Vista and 7
Works alongside your existing antivirus
How-To and Download

[hr]

I wonder how effective this is?
 

3 more replies
Relevance 82%

Hello:

How do I remove

Alemod Virus ?

Thanks

Answer:Alemod Virus Removal Tool

Hi

We want all our members to perform the steps outlined in the link given below, before posting for assistance.

http://www.techsupportforum.com/f50/...lp-305963.html

If you have problems with any of the steps, simply move on to the next one and make a note of the problem in your reply.

Please note that the Security Forum is always busy, so I would ask for your patience while waiting for a reply - it may take a few days.

This thread will now be closed.

1 more replies
Relevance 82%

Kaspersky? Virus Removal Tool is an utility designed to remove all types of infections from your computer. Kaspersky? Virus Removal Tool implies effective algorithms of detection used by Kaspersky Anti-Virus and AVZ Antiviral Toolkit.

****Note that Kaspersky? Virus Removal Tool is not capable for real-time protection of your computer.****


Read more below -

Kaspersky Virus Removal Tool

More replies
Relevance 82%

Hi:

I am running WIndowsME and I have a virus on my machine. [email protected] The Infected file is called WINAD CLIENT\WINAD.EXE

Don't know if I need the file, but i went to the symantec virus removal site and that virus isn't listed.

Anyone know where else I can look.

Trying Desperately to clean machine but seems like I am playing 2 steps forward one step back.

Thanks
 

Answer:Can't find a Removal tool for virus

Download Hijackthis http://www.s92400163.onlinehome.us/hijackthis.zip

Extract..open...scan...and save log. Copy and paste here. Do NOT check off or fix anything yet.
 

2 more replies
Relevance 82%

This post is about how to get rid of a Rogue Virus in your computer. Before i get to that, i just want to say i am posting this because it will come in very handy for you guys in the future if you encounter these types of rogue virus (the list is shown in the picture below as an attachment.) I have encountered it once but it gotten worse to the point where i wasnt able to fix it untill i saw this website (link provided below). It really helps and i even got rid of one from my classmate's computer that was infected by one. So i thought i be generous to help you guys out and share the link and the description and how to delete, remove and recover your computer without wiping your hdd clean. I do not take any credit but to just post an interesting topic that is very useful and has important information.

P.S.- It would be nice to have this topic stickied.
[EDIT] Also, the downloadable files are for Windows XP, Vista, and 7.
Method #1: Reg File and MalwareBytesLINK===> How to remove XP Security Tool 2010, XP Defender Pro, and Vista Security Tool 2010 (Uninstall Guide)

Automated Removal Instructions for XP Security Tool 2010, XP Defender Pro, Vista Security Tool 2010, and Vista Defender Pro using Malwarebytes' Anti-Malware:



1. For the first part of this removal guide you will need to use a different computer than the infected one. This is also a tricky rogue to remove, so please follow the instructions carefully. If you are concerned about whether or not you can do this,... Read more

Answer:Rogue Virus Removal Tool

Good post

9 more replies
Relevance 82%

Hi Everyone:

Does anyone know if Sophos Virus Removal Tool is any good to use as a secondary scanner??

Tony
 

Answer:Sophos Virus Removal Tool

yeah it is awesome I've used it
 

3 more replies
Relevance 81.18%

UVK - Ultra Virus Killer - virus removal and system repair tool topic here ..
UVK is a powerful free tool for manual virus removal and system repair I use! Sure, stable, actively developed! Features, screenshot and download (by Carifred.com) here: http://www.carifred.com/uvk/

Quote:
'With simple and intuitive interface, UVK allows users to detect and delete trojans, rootkits, malware and spyware from infected systems. It also includes lots of tools to repair Windows PC after the disinfection.'

Features (they are described in the Home page):

Process manager
Memory modules manager - NEW!
Startup entries and scheduled tasks
Windows services and drivers
Alternate Streams manager - NEW!
Delete or replace file or folder
Scan & create log
Run UVK Scripts
UVK tools
UVK System repair
System Info
UVK immunization is described in the link below, on the version 3.0.0.0 changelog.

EDIT:
'Yes, the UVK immunization is always active once you enable it, even if UVK is not running, or even if you uninstall UVK.' - Here: Error when downloading Malwarebytes Anti-Malware: http://www.carifred.com/uvk/forum/viewtopic.php?f=4&t=165&p=415#p415 - Post 8. Thank you!

Changelog link: http://www.carifred.com/uvk/changelog.htm
NEW version 4.1.0.0 changelog:

General internal debugging and improvement.
Improved the list creation feature in the Startup entries and scheduled tasks, and Windows services and drivers sections. Now the lists are immediately displayed,... Read more

Answer:Ultra Virus Killer - virus removal and system repair tool

The new UVK version was born. Version v2.4.2.0.
Changelog:
* General internal debugging.
* Replaced several WMI functions by windows api calls. This resulted in a big performance and stability improvement.
* Added context menus to search for files and MD5 hashes in ThreatExpert.com to the Process manager, Startup entries and Drivers/Tasks, sections, and also the Log analyzer.
* Added BIOS information to the System Info section.
PS.
Rootkit removal with UVK - posted by UVK developer on carifred.com forum: http://www.carifred.com/uvk/forum/viewtopic.php?f=6&t=56

Google (and other) redirects caused by malware - UVK Tutorial: http://www.carifred.com/uvk/forum/viewtopic.php?f=6&t=42

Thanks!
 

71 more replies
Relevance 81.18%

Hello,

We have a Lenovo notebook running Windows Vista. It has been infected with the security tool virus. I followed the instructions at http://www.bleepingcomputer.com/virus-removal/remove-security-tool and it appeared to have cleaned the system, but this morning the virus was back. We'd appreciate any assistance you can offer!
 

Answer:Security Tool Virus - removal failed

Hi,

Sorry for delayed response. Forums have been really busy. If you still need help with this do following, please.
Download DDS and save it to your desktop from here or here or here.
Disable any script blocker, and then double click dds file to run the tool.
When done, DDS will open two (2) logs:
DDS.txt
Attach.txt

Save both reports to your desktop. Post them back to your topic.

 

3 more replies
Relevance 81.18%

what was the link for the fake antivirus removal tool. I have it on my flash drive but can't remember the link to get it for someone else. they aren't local so I can't just take it off my flash drive for them.
 

More replies
Relevance 81.18%

virus removal tool free from avast may be useful to some of you unlucky people..and its free click here

Answer:virus removal tool free from avast may be useful

is a very good program, best installed before you have a virus,

1 more replies
Relevance 81.18%

Hello - My pc has been taken over by some kind of software-removal-tool.com virus.

It started by throwing a bunch of false errors saying my hd was failing, system was corrupt, etc.

Then it displayed and advertisement for some bogus software to remove all the problems.

I obviously didnt click or buy that software.

Now I managed to get rid of the popups, warnings, and all that using Malwares, Ad-aware, superAntiSpyware, SpybotSearch and Destroy.

As for Antivirus software - I have run MSE and AVG.

AVG didn't pick up a thing - and MSE picked up a trojan:JS/Hiloti.F. - andI quarantined and removed it.

I also managed to get the files unhidden.

Now the problems that remain are a bunch of system folders are getting a 'System Denied' error when I try to open them, the desktop theme is pure black, and when I try to open Firefox.exe I get a popup that it is already running and it closes.

I tried uninstalling and reinstalling firefox - but still get the same issue.

If you could point me in a direction of how to resolve this, I would deeply appreciate it.

Thanks.

Answer:Win 7 64 Bit - infected by Software-Removal-Tool.com virus?

Lets make sure if the system is clean before solving other issuesDownloadTDSSkillerLaunch it.Click on change parameters-Select TDLFS file systemClick on "Scan".Please post the LOG report(log file should be in your C drive) Do not change the default options on scan resultsDownloadaswMBRLaunch it, allow it to download latest Avast! virus definitionsClick the "Scan" button to start scan.After scan finishes,click on Save logPost the log results hereDownloadESET online scannerInstall itClick on START,it should download the virus definitionsWhen scan gets completed,click on LIST of found threatsExport the list to desktop,copy the contents of the text file in your reply

20 more replies
Relevance 81.18%

I am looking for a free stand alone virus removal tool that I can download, burn to a disk, and take to another computer. I remember downloading one from this site last year, but I forgot the name of it. Any help ould be appreciate I believe I would remember the name if I would see it again. Thanks.

Answer:Free virus removal tool that II can download

Perhaps it was these.SUPERAntiSpywareMalwarebytes Anti-MalwareEDIT: moved post to AntiVirus, Firewall and Privacy Products and Protection Methods forum.

9 more replies
Relevance 81.18%

Technical Details
This polymorphic file virus infects Windows executable files (PE). When infecting files the virus uses an entry point obscuring (EPO) technique. The virus body in the infected file varies from 160 to 180 KB.

Installation
When the infected file is launched, the virus saves files with arbitrary names based on computer parameters in a Windows folder. The files contain encrypted information about the virus.
Payload
The virus infects files stored in the folders:

%system% (usually C:\Windows\system32\)
%ProgramFiles% (usually C:\Program Files\)
Files in shared folders
Files on removable media, remote (network) disks and virtual disks (RAM), files prepared for the copying of CDs
The following files that certain registry keys contain links to:
Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Software\Microsoft\Internet Explorer\Extensions Software\Microsoft\Internet Explorer\UrlSearchHooks Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approv Software\Classes\Directory\ShellEx\ContextMenuHandlers
Software\Classes\Folder\ShellEx\ContextMenuHandlers
SOFTWARE\Classes\Protocol\Filter
SOFTWARE\Microsoft\Windows\CurrentVersion\Run
SOFTWARE\Classes\Applications
SOFTWARE\Clients\StartMenuInternet
SOFTWARE\Microsoft\Multimedia
SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall

If the file does not satisfy certain conditions, e.g. it is protected with SFC, is will not be infected.

It attem... Read more

More replies
Relevance 81.18%

Hey everyone. I joined MajorGeeks to spread the word of a new tool I created that I think will greatly help in the removal of malware called AVERT.

You can view my website to check it out: <snip>

I used to work for Best Buy's Geek Squad and they had an internal tool called L.A.S.E.R. I can't remember what the acronym means, but it was this amazing tool.

It's sole purpose was to run hardware and anti-malware scans and if the customer paid for it, the tool would remove all infections found. The greatest thing about it, was that it utilized a bunch of different command line scanners to remove viruses automatically.

The key word here, is automatically. I'm sure most of us has had family members and friends bring us their computers when they had a virus and to remove viruses, we have to run several different scanners just to make sure it's clean.

Which means this:

1. Install scanner one and pray it installs.
2. Update scanner and pray it updates
3. Run scanner
4. Walk away
5. Come back, realize it isn't done and come back later
6. Repeat step five
7. Success!
8. Repeats steps 1 through 6 for each scanner.

Pretty annoying, huh?

This is almost always the exact process we use anytime a computer is already infected. Antivirus apps are awesome and most of them do a great job, but once a machine is infected, it's highly unlikely one app will completely clean it.

So, don't you think it would be nice to have a tool like ... Read more

Answer:Automatic Virus Eradication & Removal Tool

If you wish to advertise on MG's, please contact either Tim or Jim @ MajorGeeks.com.
 

11 more replies
Relevance 81.18%

Hey guys,

here is a virus removal tool i have found very useful...

here is a list of virus's that it detects and heals/deletes

Agent.A-AN
BackDoor.Agent.A-Z, AA-BG
Downloader.Agent.AS
I-Worm/Atak.A-I
Bagle.DA-IU
I-Worm/Bagle.A-Z, AA-JD
I-Worm/Bugbear.D
I-Worm/Mytob.A-GC
I-Worm/Netsky.A-Z, AA-AD
I-Worm/Sasser.A-F
I-Worm/Zafi.A-E
PSW.Bispy.A-E
Win32/Gaelicum
Win32/Hidrag

and you can download it from here !!

http://www.grisoft.com/doc/112/lng/us/tpl/tpl01

its free and its from the makers of AVG

Answer:Free Virus Removal Tool !!! (not spam)

i had somethin very similar which gto rid of more but i havnt ben able to rmeebr the name for about a year waqs a small exe and was free i think was sweedish very handy

9 more replies
Relevance 81.18%

Good evening and thank you for your efforts so far. I use an Acer AX1200-B1581A running Win 7 64 bit. Every audio source that I play is interrupted with silence or tone intervention. This includes internet sources as well as CD drive. I am older, my glasses are in the shop and I sincerely hope I have followed your instructions accurately. I have found that using my PC is very unforgiving work. I have two toolbars on my Chrome browser that are uninvited and cannot remove them. One is called Community Mix DJ and the other is White Smoke. I am tickled to be getting some help. I have been working on these problems for days and am just about worn out.
Thanks again,
jim
P.S. My abilities are basic. I use a two monitor setup.

Answer:Suspect audio virus and tool bar removal

Hello and welcome to TSF.

Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification then click Subscribe.
----------

Please download aswMBR to your desktop.
Double click the aswMBR icon to run it.
Click the Scan button to start scan.
If you are asked to update the Avast Virus database please allow it to do so.
When it finishes, press the save log button, save the logfile to your desktop and attach its contents in your next reply.


Click the image to enlarge it

AdwCleanerClose all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Delete.
Confirm each time with Ok.
You will be prompted to restart your computer. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.

Oh...by the way...no need to attach the logs. You can just copy and paste them directly to the replies.

19 more replies
Relevance 81.18%

prohackey.blogspot.in/2012/04/google-redirect-virus-removal-tool.htm I had see a Redirect Virus Removal Tool .Is it real?

Answer:Is it Google Redirect Virus Removal Tool?

That page does not exist - I just tried it.

3 more replies
Relevance 81.18%

Hi

Im pretty stuck here, googled and found your tutorial for the removal of this virus but can't get past step 3 as rkill keeps getting blocked before it can do anything, I have tried as suggested leaving the pop ups in place and trying again but still the same problem

I then followed the link for further help - Preparation Guide For Use Before Posting A Hijackthis Log, but unable to run this software either, its just blocked dead.

I don't know exactly how this virus got on the pc, no one is owning up.

There are no desktop icons, it has disabled the wireless internet connection, you cannot run system restore, I have been downloading the software onto a usb and transfering ot onto the pc. It won't let any software run that might remove it basically.

Any help gratefully received. Im running XP & have ESET Security installed

Answer:Security Tool Virus removal problem

Hello snowball2 and welcome to Bleeping Computer! My username is swagger and I'll be helping you. Have you tried downloading and running RKill with the different extensions? rkill.pifrkill.scrrkill.comrkill.exePlease Download Link #1. Save it to your Desktop. Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.Double click the RKill desktop icon to run the tool.
If you are using Vista please right click and run as Admin!A black screen will briefly flash indicating a successful run.If this does not occur please delete that application and download Link #2.Continue process until the tool runs.NOTE: 1. Try running RKill using Link 1, if it does not run, download Link 2 and delete Link 1 then try running it again. 2. If you still can't run RKill, repeat the same steps using Link 3 and 4. Please tell me if all the link does not work.*If the tool does not run from any of the links, Please tell me about it.Regards,swagger

3 more replies
Relevance 81.18%

W32/Darkkomet Free Virus Removal Tool
Information about the W32/Darkkomet Trojan :

http://www.pspl.com/pages/cleandarkkomet/pgid-985040.aspx
 

More replies
Relevance 81.18%

Sophos Virus Removal Tool is a free on-demand standalone scanner. The program has previously been offered to the company’s larger customers to help them clean up infected PCs, but now it’s available for anyone to download.
The Virus Removal Tool is extremely easy to use, with no settings to configure, no scan modes to figure out: it’s purely about on-demand full system scans.
With more than 100 million global users our Sophos Virus Removal Tool includes the same great security features available in our Sophos Enduser Protection solution:
- User memory scanning and cleaning
- Kernel memory scanning and cleaning
- File scanning
Download here Also take a look at Sophos XG Firewall Home Edition.

Answer:Sophos Virus Removal Tool released

It looks like a nice tool, gonna give it a try and scan my system.. Thanks for the info.

4 more replies
Relevance 81.18%

I have tried to go into Safe Mode. My computer restarts and as it does I hit F8...doesn't work! How can I get into Safe mode to do the help things for Malware etc? Thank you!!
 

Answer:MS Removal Tool list LOADS of virus!! HELP!

I did this after reading about it on an XP Forum...
Reg export of SafeBoot key after repair:
========================
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot]
"AlternateShell"="cmd.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\AppMgmt]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Base]
@="Driver Group"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Boot Bus Extender]
@="Driver Group"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Boot file system]
@="Driver Group"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\CryptSvc]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\DcomLaunch]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmadmin]
@="Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmboot.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmio.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmload.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmserver]
@="Service"
[HKEY_LOCAL_M... Read more

1 more replies
Relevance 81.18%

Link to previous thread:

http://www.techsupportforum.com/secu...rus-alert.html

LOG #1

Logfile of random's system information tool 1.04 (written by random/random)
Run by Angela at 2008-10-27 2246
Microsoft Windows XP Professional
System drive C: has 8 GB (59%) free of 14 GB
Total RAM: 256 MB (20% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:07: VIRUS ALERT!, on 10/27/2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\WINDOWS\System32\lxczcoms.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ThreatFire\TFService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\ErrorKiller\ErrorKiller.exe
C:\Program Files\... Read more

Answer:Response to Bruce for Tool Bar Virus Removal

Hello again

Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

========

Please follow all instructions and in which order they come, if you have any questions, please ask before proceeding. Its important that you follow this through until i give you the all clear, a lack of symptoms does not mean that it is no longer present.

Please DO NOT Attach logs to your posts unless you are advised to do so.

==========

P2P

P2P - I see you have P2P software LimeWire 4.16.6 installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It may be contributing to your current situation. This page will give you further information.

Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares and their infections.

References for the risk of these programs are Here,
Here and Here.

=========

Click > Start > Control Panel > Add / Remove Programs and uninstall the following progr... Read more

3 more replies
Relevance 81.18%

http://nakedsecurity.sophos.com/2012/10/11/virus-removal-tool/

"The top three issues readers highlighted were:

Speed up scanning time
Improve malware clean-up
Incorporate auto-update capabilities"

http://downloads.sophos.com/tools/withides/Sophos%20Virus%20Removal%20Tool.exe
 

Answer:Virus Removal Tool From Sophos Updated

Thanks for the update, I'm trying it now to see how well it does.

Good day.
 

2 more replies
Relevance 81.18%

Hello,

My friend's laptop is infected with the MS Removal Tool virus. Most googling led me to this tutorial
http://www.bleepingcomputer.com/virus-removal/remove-ms-removal-tool

On step 7, it directs us to uncheck "Use a proxy server for your LAN".
However, this box is already NOT checked when I open this screen. Internet shows that it is connected to our network via wifi, but webpages will not load.
As such, I used my computer and an USB to transfer RKILL.exe as an ulterior option stated in guide.

RKILL finds and terminates:
C:\windows\SysWOW64\InfDefaultInstall.exe
C:\windows\SysWOW64\runonce.exe

As internet is still not working, I used the USB to transfer mbam-setup.exe as well. Install program. I then attempt to update to no avail.

So what other things must I do to regain internet connection and thus update mbam to fully remove MS Removal Tool? Does it HAVE to be updated (found 1 file. I don't remember what)?

Thank you for any insight!

Answer:MS Removal Tool Virus. Can't Update MBAM

My friend's laptop had Webroot AntiVirus on his system already and had been recently updated (no need for internet!). I substituted this into procedure and seemed to have fixed the problem(no spam at reboot). If anyone knows if this will be insufficient in the long run, please let me know. Still food for thought if other people encounter same roadblock.

Still no internet, but I think I remember running across someone saying that system restores can cause this problem (The person using the laptop at time of infection attempted this before I took over). So I will poke around the interwebs to see how to resolve this hopefully unrelated problem.

If not, thank you for the guide! Definitely helped me get my bearings on my first virus purge! Was lost without it. Thanks! ^^

1 more replies
Relevance 80.36%

Hi fellow techs

Just got d above virus and Wat a mission it was to get rid of it

However it has left some damaging things behind like win updates thinks it's not turned on when it is!!!

As well as it's made some ordinary files like movies to be marked as hidden files

And all programs is not listing a thing but they are all still present!!!!

What the&hellip;&hellip;

Can anybody help

I will try restoring to a week ago soon to see if that works

Answer:Xp security 2011 / malware removal tool virus

You are still infected. We cannot help you here with Malware removal as per forum rules. Please head over to Virus/Trojan/Spyware Help and post there for more help
NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help

1 more replies
Relevance 80.36%

Hello! My issue is a folder that appeared on my desktop labeled, "Virus Removal Tool". I have attempted delete this folder with no luck. I get a dialog telling me "access denied" or "folder locked" or "this is a system folder and deleting it will cause windows to not function properly". I suspect malware but I have scanned this machine with everything MGs has to offer. Of course not at the same time. I have used Unlocker and the processes listed are, "CheckURL..exe" and "explorer.EXE" but unlocking them does nothing. I need help again:-o, Please advise, and thank you in advance!
 

Answer:Can't remove folder named Virus Removal Tool

HI


Which Windows version?

Have you booted into Safe Mode (F8 at boot) and tried to remove this folder, also try the below from normal and safe modes

Options to delete this errant file are,


1. Pocket Killbox
2. MoveOnBoot this one, once you dragNdrop the file or browse for its location, deletes the file on reboot, so any applications that have locked the file are not running so cannot lock it before deletion.
 

7 more replies
Relevance 80.36%

Unfortunately, I have no idea what to call it. But, I was googling, and ran across a website. It installed something apparently, because immediately, I started getting pop ups saying I was infected. Figuring that it was virus, I immediately closed everything. Then, all of a sudden icons in the bottom right tray of the desktop populated, looking like Windows Security Center, and notifying that there are viruses. Then, no matter what I tried to execute, explorer, windows explorer, Firefox, word, anything, it would not start, and a pop up in the tray came from the aforementioned icon, indicating that the virus was preventing the exe from running. Then, the desktop disappeared, and some sort of obviously fake virus remover popped up, asking for credit card information etc.

I am able to boot into "Safe Mode"

Running GMER now, will attach once it is done (Been running about an hour now)

Here is my DDS log
DDS (Ver_10-12-12.02) - NTFSx86 NETWORK
Run by Administrator at 20:01:14.77 on Mon 02/28/2011
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_23
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1535.987 [GMT -8:00]
============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware�... Read more

Answer:Infected-Can't run any application--makes believe it is a Virus Removal Tool

Hi,

We're so sorry about the delay, do you still need help?

2 more replies
Relevance 80.36%

Hello, much smarter people than I
I've run through all of the fixes and downloaded the suggested spyware and removal items. However, when I attempt to run them, the fake MS Removal Tool advises me that they too are infected and does not allow them to run successfully. Help, suggestions, tips welcome. Thanks in advance!

Answer:Problem removing "MS Removal Tool" Fake Virus

Hello kriskupn ! Welcome to BleepingComputer Forums! My name is Georgi and and I will be helping you with your computer problems. Before we begin, please note the following:I will working be on your Malware issues, this may or may not, solve other issues you have with your machine.The logs can take some time to research, so please be patient with me.Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.Instructions that I give are for your system only!Please do not run any tools until requested ! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Please perform all steps in the order received. If you can't understand something don't hesitate to ask.Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not help you if you do not follow my instructions.STEP 1Try to download the already renamed RKill by Grinler files from one of the 3 links below and save it to your desktop.WiNlOgOn.exe
uSeRiNiT.exe
eXplorer.exe
Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how. Double-click on one of the renamed Rkill files on your desktop to run it. A black screen wil... Read more

2 more replies
Relevance 80.36%

Kaspersky Virus Removal Tool 2011 cannot provide continual computer protection. At the end of computer disinfection, the program should be deleted from the computer and substituted by full-scale anti-virus software.
Kaspersky Virus Removal Tool 2011 does not have a function to update its antivirus database. The only way to actualize the tool is to download it again from Kaspersky Lab servers and install it. It is also necessary to uninstall older version of Kaspersky Virus Removal Tool 2011 before installing a newer one.

The program is launched without installation.
To remove the program, you now have to close the main program widow. As a result all traces of the program?s existence in the system are automatically deleted.
The program can now be started from a removable or network drive.
New user-friendly interface.
Improved compatibility with Kaspersky Lab products.

Download
 

More replies
Relevance 80.36%

Hi, I value all the things from bleeping computer. I downloaded and ran JRT by thisusu. It kills various PUP and trojans present in the computer folders. It did not touch upon router, which is being attacked by crook programs making annoying experience of change of dns server address, causing internet connection loss to the users without their knowledge.
Moreover the PUP and popup commercial sites attack the open http port no80 and at times 21 and 23. While it may not be possible to close these ports in the router, the attackers use this port to inject sudden popups and unwanted sites without users browsing those things.
                    will the bleeping comuters fourm members recommend which does this protection to these users. changing of MAc address , and changing of password do not limit those attacks, If it could cause change in the router, by hiding and injecting whenever they want to inject those programs and popups.
                     Use of avast ofcourse, shows the vulnerability of the router, but resolving at times makes the access still more worse. That is , the problem in the router, and what it tries to resove without user consent is the problem there. If suppose, one clicks resolved, you get all this fixed message, but the users are not aware of what it is doing.
... Read more

Answer:Junk removal tool not touching upon router virus

I don't think this is going to happen. You cannot use JRT to "clean a router", and I don't see how you could do that with it anyway. If your router really is hijacked, I suggest you to reset it to it's factory defaults, reconfigure your network on it and then harden it (use secure DNS servers, disable remote admin on it, lock down the admin user with a strong password, etc.) There's no tools to my knowledge which are aimed at "disinfecting" routers, since they don't all work the same way, nor are they from the same manufacturer.Junkware Removal Tool is a security utility that searches for and removes common adware, toolbars, and potentially unwanted programs (PUPs) from your computer.Source: http://www.bleepingcomputer.com/download/junkware-removal-tool/Keypart here being "from your computer", without the mention of router anywhere else.Sorry, but if you are really under attack by hackers, even if JRT was somehow modified to clean routers, it wouldn't stop them from going after you.

4 more replies
Relevance 80.36%

This might be helpful, I'll have to test it out.http://nakedsecurity.sophos.com/2012/04/11/free-virus-removal-tool-for-download-from-sophos/?utm_source=Naked+Security+-+Sophos+List&utm_medium=email&utm_campaign=8d31ffd9cd-naked%252BsecurityWell, Sophos has just released its Virus Removal Tool. Designed to be child's play to use, it detects and, more importantly, disinfects all those nasty viruses, spyware, rootkits and even fake anti-virus with its flagship industrial-strength anti-virus.

Answer:Free Virus Removal Tool for download from Sophos

Well, Sophos has just released its Virus Removal Tool. Designed to be child's play to use, it detects and, more importantly, disinfects all those nasty viruses, spyware, rootkits and even fake anti-virus with its flagship industrial-strength anti-virus."All", Really........ Finally a universal one size fit's all "god" tool that will replace every tool used at BC now and in the future! Sorry, just making a little good nature cynical comment. I do hope that it is a new tool in the "good guy" arsenal but doubt it will really get everything. In my previous more naive days I remember actually believing the McAfee statement " Is your computer protected? Yes! that use to show in an earlier McAfee security center.

4 more replies
Relevance 80.36%

The Good
The tool is compatible with all popular Windows editions from XP to 8/8.1 (32- and 64-bit architecture type). It is very easy to initialize a scan job, regardless of the user's experience with virus removal tools.

Nevertheless, it is possible to adjust settings regarding the scan scope, severity, action on threat detection, and self-defense.

Virus detection ratio was excellent in our tests.

All program activity can be studied in log files.

Multiple languages are supported.

It is free to use.

The Bad
As previously mentioned in the section with performance results, we encountered multiple issues when attempting to conduct scan jobs on Windows 8.1 Pro. The app frequently popped up errors and crashed.

The estimated remaining time for scan jobs was not accurate.

RAM consumption was significant during scan tasks.

The scan job was very slow in our tests.

The Truth
Unless you're faced with a heavily malware-infected computer, Kaspersky Virus Removal Tool is a great tool to occasionally run scans, thanks to its terrific virus detection ratio results. Otherwise, you should probably look for something speedier.



Full Article
 

Answer:Kaspersky Virus Removal Tool Softpedia Review

Hi Petrovic

Thanks for the info. I'm using KIS 2015 and also find whilst scanning my PC that the RAM usage is very high, however I think Kaspersky is one of the best and fully trust their product. I've used the Kaspersky Virus Removal tool many years ago and it saved my laptop.

Tony
 

1 more replies
Relevance 80.36%

Used the Avert McAfee Stinger scanner says that computer is infected with Netsky D virus

in C:\_Restore\Archive\FS3.CAB\W0000011/CBY
System Restore was turned off during scan (and is still off)

How come the Symantec removal tool for Netsky says there is
no virus when McAfee Stinger says there is.

(virus making outlook and explorer inoperable..computer originally got Netsky B but was removed) Please help!
 

Answer:McAfee Stinger says there is Virus but Symantec removal tool says there is none...

16 more replies
Relevance 80.36%

I have another thread about defragging my hard drive and Norton Anti-Virus removal tool came up in the discussion, but I thought I should start a new thread asking about that, as it had veered from the original top of that thread. Hope that's the right thing to do... My laptop came with a trial-version of Norton Anti-virus, which I did not want to use, as I had been using AVG Free on my old computer and wanted to continue to use that. I don't recall exactly if I even opened the Norton trial-version when I first got my laptop, if it came pre-installed or just ready to install, and if it was just ready to install, whether or not I actually installed it (but it might have come installed already). Whatever the scenario was, I used add/remove programs and uninstalled it. But it's been suggested to me that this would not actually remove all the Norton files from my system (and it's possible that when I uninstalled, that box came up asking if you want to uninstall whatever kind of files those are, as other programs may be using them, and it wouldn't hurt to just leave them on -- if that did come up, I would have agreed to leave them on). Please note that: A. I am not having any issues with any conflicts or anything with my free AVG. B. My laptop came with a D: partition, which would contain the original setup of the laptop (which would still include this Norton trial anti-virus program, as far as I know, even though I removed it from the main C: drive). It's my hope not to mess with... Read more

Answer:Questions About Norton Anti-virus Removal Tool

1. If I install and run it, what if I actually don't have any Norton files on my hard drive to be removed -- will that cause any issue? Or will it just not do anything? If you have no norton files on the system, then it will say that it has finished and please restart. however, this is unlikely as it creates, registry keys under several different names, hides itself deep in windows program files, creates services. the best example to explain with is that norton is a tree and has embedded its roots it to windows and you may have removed the tree, but the roots will remain.2. We've been pm'ing a lot about my degragging questions and my C: drive and my D: partition, etc. If/when I run the Norton removal tool, will it only remove stuff from my C: drive? Since the free/trial version would still be on my D: partition as part of the original setup that came from HP (right?), I'm guessing I wouldn't want it to mess with that, since (as you said) it's best not to mess with anything on the D: partition. So can you set it so it only removes stuff from the main C: drive? It is possible that it will try to clean the other partition, but as the other partition is not active, then it shouldn't try and clean it, the removal tool leaves the norton AV.exe intact.3. Does having these (if any) remaining files from that free/trial version that I never used (but I think came pre-installed), after I removed it normally through add/remove programs (I know you said files linger) really cause any prob... Read more

5 more replies
Relevance 79.54%

Hi everyone!

I really
appreciate all the help I've gotten in my past postings! If you have
been one to engage in some of them, you can probably gather that I'm
hopeful to be a future technician! And thanks to all for the
encouragement! :)

I love to learn! I have some extensive computer background, as well as some
vocational / technical training as well, and I also do freelance
computer repair work on the side to make some extra money :) I'm here
today to ask another question, and I'm hoping for the best!

I'd like to inquire today about the Microsoft support tool - MSDT. I am aware that it is an internal tool available only to Microsoft engineers to aide with tuneup & virus removal. Since I love to learn about advanced troubleshooting, I was wondering
- does anyone know of any similar tools that are available (either paid or free). I would like to acclimate myself to something similar to that tool to learn from. If there is nothing out there, perhaps someone can give me a list of great freeware tools to
help remove viruses and other types of infections, as well as some PC tuneup tips?

Any and all feedback is deeply appreciated! Thank You so much!

- Mason

More replies
Relevance 79.54%

I received the security tool virus while randomly browsing the internet about two weeks ago. Upon infection, I followed the removal instructions at http://www.bleepingcomputer.com/virus-remo...e-security-tool. The virus seemed to be removed successfully, however I now have a browser hijacker. Whenever searching google and clicking on a link my browser is typically redirected to a faux antivirus site. This usually occurs successively three times and on the fourth time my browser directs me to the correct link. The redirect seems to occur more often when I'm clicking on links dealing with security/virus removal. I also get random pop-ups of the website survey and local-news-online.com periodically. I observe no other effects other than browser redirection, that I am aware of. I received this virus while using Internet Explorer and since have changed to using Firefox. I have also updated my computer security from Symantec Anti-Virus and Windows default firewall to Avast!, COMODO Firewall, and Malwarebytes Anti-Malware. I have run scans with MBAM, SuperAntiSpyware and Spybot, all were unable to fix the problem. In addition, when trying to download the DDS file, my computer recognizes the .scr file extension as an AutoCad script and opens it in notepad. I no longer have AutoCad on my computer and am not sure how to change this, but therefore I can not run the DDS program. The ARK.txt file from rootrepeal is attached. Thank you for any help.

Answer:The Website Survey redirect after "Security Tool" Virus Removal

Hi,Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.[i]Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.

Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.Thanks Please run OTL instead of DDSDownload OTL to your desktop.Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.When the window appears, underneath Output at the top change it to Minimal Output.Under the Standard Registry box change it to All.Check the boxes beside LOP Check and Purity Check.Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.Please copy [b](Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

3 more replies
Relevance 79.54%

Dear all,
this is my first post here.
I am desperate for some help, as Security Tool has totally taken over my life since yesterday.

I am running XP professional
I got the Virus yesterday and used various online suggestions on how to remove it (stop process, delete exe and folder
delete regisrty etc.)
then XP did not start anymore
I started in Safe mode, ran Avast and had Avast delete a bunch of infected files
Still no regular start anymore
I then downloaded Spydoctor, which found a few more files. I deleted those manually.

Still cannot start XP other than in safe mode.
Tried to create a new user profile, but it is still stuck.
Cannot do system restore, even if I choose a very old restore point from 2008

I tried to reinstall XP booting from CD, but that did not work either.

I did manage to run DDS, but when I tried the root repeal scan the computer just froze so I cannot post a log.

I hope to receive some help here.
I did do a search and saw a few other posts, but I am not sure what to do.
So I figured before I make things worse, I ask for help.

Any feedback is appreciated.
Thanks
Vacky

More replies
Relevance 79.54%

Okay, so this afternoon in school, I was trying to remove a stupid "search.fast-find.net" virus that I contracted some how. I am a techy so I am not stupid about sites I go to either.

Anyways, while trying to remove it, I used Kaspersky's free virus removal tool. Once it scanned it said I needed to restart to remove the infection (it did find the virus).

So I restarted. Once I did, windows kept on hanging up at the boot screen where the little dots grow & swirl.

I have tried system restore, safe mode, start-up repair, and nothing. I am not able to get past that boot screen on safe mode either.

When I use safe mode to see where it hangs, it is at:
C:/Windows/System32/Drivers/CLASSPNP.SYS

SO, I tried going into recovery mode and using the command prompt to rename it:
C:/Windows/System32/Drivers/CLASSPNP.SYS CLASSPNP.OLD

But the result I get it "The system cannot find the path specified".

Is there anyway to restore just that file.

***I HAVE ABOUT 1000 PHOTOS ON THERE THAT I NEED FOR MY PORTFOLIO FOR COLLEGE NEXT YEAR SO I NEED THESE FILES BACK!!!!!***

PLEASE HELP ME!!!!!

-Jordan

Answer:Win7 x64 [email protected] CLASSPNP.SYS after run Kaspersky Virus removal tool

I suggest creating an antivirus boot disk.

I cannot attest to this one:
FREE Bootable AntiVirus Rescue CDs Download List

4 more replies
Relevance 79.54%

Hello,

I just got infected with two nasty programs that want me to disable or uninstall Avast and keep pestering me to do alot of different things. I tried to run a scan with Avast and managed to put in quarantine one infection from the Temprary Internet File, but it did not seem to fix the problem. I would take a picture to show how the virus icons look like, but I can't do that anymore since I have been infected. help.

More replies
Relevance 79.54%

Greetings,

First of all, I apologize for the breech in protocol. I am unable to post a log because my computer is not allowing me to launch any programs except for Internet Explorer. I write this from my wife's computer because the malware has blocked your site. After it became clear that it was going to block any site that mentioned Malwarebytes, I used her computer to burn a renamed mbam.exe onto a CD and loaded it onto my computer in safe mode with networking. It blocked the program from installing.

I've also tried explaining to it that I'm not angry, just disappointed. That also failed to fix the problem. frowny face.

Do I have a Sony Vaio Paperweight, or is there a fix out there? Everything beyond Malwarebytes seems to have serious consequences if used incorrectly, and so I hope that somebody will be willing to help me.

Thanks,
DS

Ok, people, I have more info.
After convincing my computer to run Malware bytes and Registry Repair several times, I continue to have the following issues:
-My hard disk appears to have nothing in it. ("My Documents" also had this problem, but 'unhide' fixed that. Note that the space that is used on the disk has remained about the same as it did prior to the MS Removal Tool pop-ups first appearance.)
-The application that I usually use to connect to the internet has stopped working. I am currently connected through the default windows program.
-My Start Menu only has Malwarebytes, Glary's Registry Repai... Read more

Answer:Intermediate MS Removal Tool Removal

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Please take note:If you have since resolved the original problem you were having, we would appreciate you letting us know. If you are unable to create a log because your computer cannot start up successfully please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
If you are unsure about any of these characteristics just post what you can and we will guide you.Please tell us if you have your original Windows CD/DVD available.If you are unable to perform the steps we have recommended please try one more time and if unsuccessful alert us of such and we will design an alternate means of obtaining the necessary information.If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review your topic an do their best to resolve your issues.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply'... Read more

3 more replies
Relevance 78.72%

I got the BSOD while working tonight and, while trying to find the root of the problem, have narrowed the problem down to the Kaspersky virus removal tool (free download). The original BSOD wasn't caused by that program, but every instance since is only the result of downloading that file.

Upon reboot, the system said that the problem file was 1033, which corresponded with a file in Microsoft Office 2010, which I had just activated two days earlier. Uninstalling and deleting the program caused the virus removal tool to give me a client registry error and then go back to the BSOD.

Have had no problems with any other programs, including Internet Security which has been run and come up with NO threats. An sfc fixed some problems, but I've run it three times with no further improvement. A system restore did not yield any better results.

I'm hoping this isn't virus or malware, but the cause is really confusing me since I've removed the files that would seem to be the culprit.

Here's MGADT:


Code:

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Code: 0
Cached Online Validation Code: 0x0
Windows Product Key: *****-*****-73CQT-WMF7J-3Q6C9
Windows Product Key Hash: KaFG+RmurcM3ZxzWyfEP9WtPUJw=
Windows Product ID: 00359-OEM-8992687-00010
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.1.7601.2.00010300.1.0.003
ID: {1C05E2C7-CB4A-4719-A930-7C85D1AD8D99}(1)
Is Admin: Yes
Tes... Read more

Answer:BOSD downloading virus removal tool and client registry error

Hello and welcome sv. I run Kaspersky ISS and haven't had nay problems when using the TDSS just where did you download it from?

9 more replies
Relevance 78.72%

Virus removal tool cannot find the ad-ware generator files and ad-ware removal tool only removes the ad-ware and not the generator and therefore the ad-ware reappears when computer is restarted (after removal with ad-ware removal tool).

I have scanned my computer using AdwCleaner multiple times and it picks up that adware is present however after each cleanup, when the computer is restarted, the adware appears again. I have used the avast virus scan and removal tool and it has been successful in removing some files linked to the adware generator however for a few files that the tool has picked up, i am unable to delete them or move them to chest and the error message reads 'The system cannot find the file specified'. I have looked at solutions you provided to other users who had the same issue however i wasn't sure wether the methods applied specifically to each user or generally. I would appreciate your help greatly.
 

More replies
Relevance 78.72%

If its a real trojan or it mistaken a program for one. Its consider a high threat.

Answer:Kaspersky Virus Removal Tool reports Trojan.Win32.Autoit.agv

Same computer?
http://www.bleepingcomputer.com/forums/topic450680.html/page__p__2671497__fromsearch__1#entry2671497

5 more replies
Relevance 77.9%

I've been using the free version of Sophos Virus removal tool weekly for years.  Yesterday it reported being out of date.  So I uninstalled it after downloading the latest version from the link in the expired notification.  Restarted the computer and installed the latest version.  When I start it it reports the tool is expired and to download the latest version.  Tried twice, then gave up.  File version is 2.5.5.0 Any ideas?

More replies
Relevance 77.08%

I normally scan regularly with Malwarebytes and Symantec Endpoint Protection 11, and I haven't found anything with those recently. I occasionally use the Kaspersky Virus Removal Tool for a "second opinion", but I have had false positives found with it (For example, I did an avast! scan and SEP11 quarantined some files from avast mid scan as Downloaders as false positives, then Kaspersky found the same files and said I had multiple banload trojans incorrectly as well).

Yesterday I downloaded the most recent version of the Virus Removal Tool and it picked up a file with the pathname "C:\System.sav\util\RESBETA\RESDETECT.EXE" and said that it was "Trojan-Downloader.Win32.Banload.bmso". I searched for the file in my system and RESDETECT.exe has a nvidia logo, and it was created and last modified 11/14/2007, and it was last accessed 2/24/2008 at 6 a.m., when I don't think my PC was even on since I am rarely on my PC in the morning.

So what should I do? Should I delete the file, or ignore it? I don't want to delete anything from the System.sav folder without knowing that I must, and based on context clues, it seems like it is an auto resolution detecting program. Help as soon as possible is appreciated, as I want to use this computer as little as I can until I know it is safe.

Thank you.

EDIT: Upon further reflection, I didn't even have this PC until November of 2008, so this file hasn't been (apparent... Read more

Answer:Kaspersky Virus Removal Tool detected trojan in System.sav...is it a false positive or should I be worried?

Hello, Lets' upload this file for a second opinion on what it actually is..Please make sure that you can view all hidden files. Instructions on how to do this can be found here:How to see hidden files in WindowsPlease click this link-->JottiWhen the jotti page has finished loading, click the Browse button and navigate to the following file and click Submit. <filepath>suspect.file Please post back the results of the scan in your next post.If Jotti is busy, try the same at Virustotal: http://www.virustotal.com/NOTE:For submission to a specific anti-virus vendor see Submitting Virus Samples: How to Submit a Virus.

5 more replies
Relevance 77.08%

i had antivir the anti virus programe but on start up it would come up with an error of i think a file missing possible cause by an already existing virus so i removed it using Your Uninstaller! 2010 as it would not be removed. at the same time i was getting blue screen of death errors at random times which have seemed to become less frequent but more random i/e watching youtube or playing command and conquer campaing with nothing else running each time except itunes. i scaned my computer using Microsoft Windows Malicious Software Removal Tool and it found Virus:win32/alureon.G (Win32/Alureon.G) it was only partialy removed -so i found this fourm and have posted here. I also had to run gmer in safe mode (i dont know if this is a problem) because while running it i was getting blue screen of death in the first 10-20 sec. The BSOD code was 0x0000008e (0xc0000005_0x8bc41p1b_0x8fc23a10_0x00000000 ; i have been receiving another code consistanly all the other times it has apeared which i do not have a copy of. I bought this laptop with windows 7 already installed and do not have a disc although my manager friend from harvey norman may be able to suply one. It is the legit version of windows



DDS (Ver_10-03-17.01) - NTFSx86
Run by sperson at 17:49:35.86 on Thu 24/06/2010
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.61.1033.18.3056.2282 [GMT 8:00]


============== Running Processes ===============

C:\windows\system32\wininit.e... Read more

Answer:virus:win32/Alureon.G found in Microsoft Windows Malicious Software Removal tool

Simple solution: (for Toshiba Users)
WOW guys it apears to be a TOSHIBA FAULT perhaps bought on by antivir anti virus ( thats my guess) the problem is a power setting and not a harddrive fail or anything else like a virus what you need to do is
1) start > controll pannel
2)search mobile pc
3)open power options ( this can be done alternatively by right clicking your desktop and going to personalize then screen saver)
4) chose balance or eco which ever you are using currenlty
5) click change plan settings
6)click change advance power settings
7) find processor power management
8)set all of the values on both minimum and maximum to 100%
9) reboot your pc
0) ADDITIONAL: if you go from blue screen of death to either reboot or fan working but no response from screen or anything else take out battery then power cord. replugg the cord and not the battery confirm the settings are at 100% then shut down and reconnect battery (possible remove power cord before replugging both)
Worked for me :)

11 more replies
Relevance 77.08%

I am attempting to work through the Read-Run Me section for a friend's desktop pc a Dell-Dimension 2400 that's running Windows XP OS. I am still working on Step 1 in the Read-Run Me Section. I am unable to get it online, but have gotten Sun Java & CCleaner installed via downloading to another pc & using a CD. It is already in "Normal Start-up" when I checked via "Run...msconfig". My question at this point is: *Has anyone heard of "Personal Antivirus"? I have no idea where it came from or if it's even safe! It keeps popping up with "Critical" this & that, saying there is "Trojan.Win32.Agent.azsy" and "Bloodhound.PDF.8". An interesting point here is that it's running in the system tray, but will not close when I right click on it there. It also is NOT listed at all in Control Panel under Add/Remove Programs so I cannot uninstall it there. It wasn't on Geek's list of "Uninstall Malware via Add/Remove Programs", so is it safe, but just being a pain in the a...?! It has never been "registered" and I cannot find anything it has quarantined to clean out. I also do not see another Anti-Virus Program installed on this pc. I plan to run on through the Read-Run Me list, but may have to do much of it in Safe Mode. The pc also will not start in Safe Mode with Networking Support! Any suggestions at this point would be much appreciated!:confused Thank you so much! Shanre... Read more

Answer:Help with Anti-Virus Program Removal?

I hope this doesn't count as "bumping" but I did not think I should start a new thread since this is regarding the same infected pc, as mentioned above. I was able to work through the Read & Run Me sections and have attached the log files. I had to run the cleaning files off a CD, but was able to get connected to the internet long enough to update them. I could not get online to allow Combofix to finish with the restore point part, but ran it anyway. Hope I did as instructed. This one has been very difficult!

Thanks so much in advance for any suggestions! Shanrene
 

7 more replies
Relevance 77.08%

Hello TSF
I just bought a HP Envy 15t Touch, it's supposed to be a pretty good machine.
Long story short.. I only had this computer for 1 day, and ended up downloaded some ad-ware. I am in the process of rebooting my computer with all factory defaults.

What I would like to do once that finishes (assuming my computer will be mal-ware free) is well.. I need a checklist: here is what I have so far.

Unbox Computer, Update Windows, Download Google Chrome, Remove MacaFee Anti Virus, and install Kaspersky (Because I have a 1yr sub)
What I would like to do from this point is....

Remove all the Bloat-ware, that was pre-installed on my computer
I don't like there music player or movie player. I'd like to completely
remove these programs (The HP pic viwer and movie viewer.. Because they conflict with both Windows viewrs and also 3rd party viewers that I prefer to use.

Please Help Thank you in advance
Searda

Answer:New PC program removal & virus protect

Here's what I would do in your case, after the PC has been factory restored.

Setup Windows and change the power settings to your liking (Make sure it doesn't fall asleep during updates.

First, get all of the updated provided to you via Windows Updates.
Second, download and install of the latest drivers from HP.
Third, remove all bloatware that is installed on the system.
Fourth, install your antivirus protection.
Fifth, install your custom applications like Chrome.

3 more replies