Internet Security 2010

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View


Does anyone have any suggestions on how to remove this bug.

I've Googled it, but the websites that I've arrived at are just out to set
anti-virus software. My PC is jammed packed with anti-viral software but it
didn't stop my present problem.

Who do I trust? It's a nightmare out there in virus land!

Ant ideas would be much appreciated.

Warren Smith
warren.smith@aol.com.au



Re: Internet Security 2010



On Mon, 1 Feb 2010 21:36:47 +1100, "Warren Smith"

Quoted text here. Click to load it

The only PC I ran into it, I used MalwareBytes Antimalware to kill it.
Had to manually remove the desktop shortcut and wallpaper left behind
by MBAM.

Re: Internet Security 2010



Quoted text here. Click to load it
.
MBAM will probably take care of it as long as it can run (some fake AV's
block MBAM).  You can also try this one:

http://majorgeeks.com/Remove_Fake_Antivirus_d6323.html


Re: Internet Security 2010



Revouninstaller is a good one.
http://www.revouninstaller.com /


Quoted text here. Click to load it



Re: Internet Security 2010



Quoted text here. Click to load it



No, RevoUninstaller is NOT for malware removal.

--
Fred W. (NL)

Re: Internet Security 2010





Warren Smith wrote:
Quoted text here. Click to load it

The free version of MBAM(MalwareBytes AntiMalware) or the free version on
SAS (SuperAntiSpyware) should do the job for you. If the  malware won't let
the setup file (mbam-setup.exe) for MBAM run, change the name of the setup
file and then run it.
You can change it to something like   warrensmith.exe   and then run it.
MBAB can be found at   malwarebytes.org:
http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&tag=button

and SAS can be found at SuperAntiSpyware.com:
http://www.superantispyware.com/superantispywarefreevspro.html

Download the free versions, install, update and then run.

Buffalo



Re: Internet Security 2010



Quoted text here. Click to load it

Well ... it's not a virus anyway.

You should supplement your pack of AV software with some antimalware
programs. MBAM and SAS are often recommended here.

Quoted text here. Click to load it

There *are* viruses, but this isn't one of them.

Quoted text here. Click to load it

...let's go to a picnic today.



Re: Internet Security 2010



On Mon, 01 Feb 2010 21:36:47 +1100, Warren Smith wrote:

Quoted text here. Click to load it


Hey folks, thanks for the help, much appreciated. I wish had of asked you
folks sooner. I clicked on Search&Destroy and it made a mess of the
registry, so I ended up with a login -logout loop.

I'm now following the instructions at http://thinkinginpixels.com/quick -
fixes/fix-windows-xp-log-onlog-off-loop/
in an effort at least get back into my system. Then I will follow your
instructions.

Wish me luck! I need it!






Re: Internet Security 2010



On 2/1/2010 9:24 PM, Warren Smith wrote:
Quoted text here. Click to load it
This might help

http://www.raymond.cc/blog/archives/2008/07/02/how-to-edit-windows-registry-key-values-without-booting-in-windows /

The key
HKEY_USERS > Microsoft > Windows NT > CurrentVersion > Winlogon

That normally points to userinit.exe

was most likely changed by malware to point to an infected file, when
the file is removed without changing the registry entry you can't login.

If you have a seconf pc and can slave the drive and figure out the name
of the file that was removed copy userinit.exe to that file name which
might work without changing the registry, but you'll need to fix
registry once you do login.

John

Re: Internet Security 2010




Quoted text here. Click to load it

Thanks again folks for the help. I finally finished it off with MalwareBytes
Antimalware.

All is well, apart from an error at bootup
Error Loading c\:windows\otejafabipere.dll
Any ideas?

TIA

Warren Smith



Re: Internet Security 2010



On Thu, 4 Feb 2010 08:24:52 +1100, "Warren Smith"

Quoted text here. Click to load it

Last remains of the malware.

Use Autoruns:
http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx
to find and delete the offending start-up entry.

--
Fred W. (NL)

Site Timeline