From: Jose on
On Feb 12, 8:56 am, jock <j...(a)discussions.microsoft.com> wrote:
> security center is blocking access to all internet sites on one user login
> account. the other logins seem to be ok. running windows xp. home edition..
> --
> jock
>
>
>
> "Russ - SBITS.Biz" wrote:
> > Also get this
> >http://www.malwarebytes.org/
> > Russ
> > --
> > Russell Grover - [SBS-MVP]
> > 24hr SBS Remote Support -www.SBITS.Biz
> > Second Opinion -www.PersonalITConsultant.com
> > Free Trial Microsoft Online Services -www.Microsoft-Online-Services.com
>
> > "Russ - SBITS.Biz" wrote:
>
> > > Sounds like you've been HiJacked
> > > First Disconnect your PC from the NETWORK
> > > Download this onto a USB Drive
> > > and run it
> > >http://free.antivirus.com/hijackthis/
>
> > > Find the Offected Registries.
> > > (Google if you won't know what a program is it will tell you if it's ok or
> > > not)
> > > Russ
> > > --
> > > Russell Grover -[SBS-MVP]
> > > 24hr SBS Remote Support -www.SBITS.Biz
> > > Second Opinion -www.PersonalITConsultant.com
> > > Free Trial Microsoft Online Services -www.Microsoft-Online-Services.com
>
> > > "jock" wrote:
>
> > > > Message constantly popping up from security shield on lower right screen.
> > > > system intrusion or stealth intrusion, security breach, system danger,
> > > > privacy threat etc. .
> > > > -CA virus scan OK. CA Spyware scan OK. SPYBOT scans ok. Popup box when
> > > > trying to access internet shows IRC-worm.dos.septic or
> > > > trojan-bnk.win32.keylogger.gen
> > > > Asking me to purchase upgrade XP security. Can not seem to rid pc of this.
> > > > Help. JOCK

Stop guessing what it might be.

Perform some scans for malicious software, then fix any remaining
issues:

Download, install, update and do a full scan with these free malware
detection programs:

Malwarebytes (MBAM): http://malwarebytes.org/
SUPERAntiSpyware: (SAS): http://www.superantispyware.com/

They can be uninstalled later if desired.
From: Saucy on
Reading your post and I think you have what is called "rogue anti-virus"
software - which isn't anti-virus software at all - it itself is the
malware! They are trying to get you to buy their "full" program in order to
remove what they themselves have put there. Instead use known good software
such as Malwarebytes to remove this cr*p from your PC.

One thing you should do is have a good look at the thing and do a bit of
research first using the search engines. Do not use any removal tools that
are not 'known good' or that ask for money as you might just be digging
yourself deeper into the rogue's doo doo.

Ideally, you would have a full system image you could just reapply - so your
PC is back like new - apps - settings - 'n all - and a current backup of
more recent data which you could then just import. You could be back running
as if it never happened in under an hour. Look into "system image" and
"backup" and consider a back up and recovery strategy that doesn't involve
reinstalling everything all over. Windows 7, BTW, has wonderful backup
utilities built right in - you might consider moving to a PC running Windows
7 just for that.




"jock" <jock(a)discussions.microsoft.com> wrote in message
news:F0B7318A-238A-4D75-9973-97A10C40674E(a)microsoft.com...
> Message constantly popping up from security shield on lower right screen.
> system intrusion or stealth intrusion, security breach, system danger,
> privacy threat etc. .
> -CA virus scan OK. CA Spyware scan OK. SPYBOT scans ok. Popup box when
> trying to access internet shows IRC-worm.dos.septic or
> trojan-bnk.win32.keylogger.gen
> Asking me to purchase upgrade XP security. Can not seem to rid pc of this.
> Help. JOCK

From: PA Bear [MS MVP] on
You are seeing the effects of an already-present hijackware infection!

NB: If you had no anti-virus application installed or the subscription had
expired *when the machine first got infected* and/or your subscription has
since expired and/or the machine's not been kept fully-patched at Windows
Update, don't waste your time with any of the below: Format & reinstall
Windows. A Repair Install will NOT help!

Microsoft PCSafety provides home users (only) with no-charge support in
dealing with malware infections such as viruses, spyware (including unwanted
software), and adware.
https://support.microsoft.com/oas/default.aspx?&prid=7552&st=1

Also available via the Consumer Security Support home page:
https://consumersecuritysupport.microsoft.com/

Otherwise...

1. See if you can download/run the MSRT manually:
http://www.microsoft.com/security/malwareremove/default.mspx

NB: Run the FULL scan, not the QUICK scan! You may need to download the
MSRT on a non-infected machine, then transfer MRT.EXE to the infected
machine and rename it to SCAN.EXE before running it.

2a. WinXP => Run the Windows Live Safety Center's 'Protection' scan (only!)
in Safe Mode with Networking, if need be:
http://onecare.live.com/site/en-us/center/howsafe.htm

2b. Vista or Win7=> Run this scan instead:
http://onecare.live.com/site/en-us/center/whatsnew.htm

3. Now run a thorough check for hijackware, including posting requested logs
in an appropriate forum, not here. DO NOT SKIP THIS STEP!!

Checking for/Help with Hijackware:
• http://mvps.org/winhelp2002/unwanted.htm
• http://inetexplorer.mvps.org/tshoot.html
• http://www.mvps.org/sramesh2k/Malware_Defence.htm
• http://www.elephantboycomputers.com/page2.html#Removing_Malware

**Chances are you will need to seek expert assistance in
http://spywarehammer.com/simplemachinesforum/index.php?board=10.0,
http://www.spywarewarrior.com/viewforum.php?f=5,
http://www.dslreports.com/forum/cleanup,
http://www.bluetack.co.uk/forums/index.php,
http://aumha.net/viewforum.php?f=30 or other appropriate forums.**

If these procedures look too complex - and there is no shame in admitting
this isn't your cup of tea - take the machine to a local, reputable and
independent (i.e., not BigBoxStoreUSA or Geek Squad) computer repair shop.
--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Client - since 2002

jock wrote:
> Message constantly popping up from security shield on lower right screen.
> system intrusion or stealth intrusion, security breach, system danger,
> privacy threat etc. .
> -CA virus scan OK. CA Spyware scan OK. SPYBOT scans ok. Popup box when
> trying to access internet shows IRC-worm.dos.septic or
> trojan-bnk.win32.keylogger.gen
> Asking me to purchase upgrade XP security. Can not seem to rid pc of this.
> Help. JOCK

From: jock on
Thank you all for the responses. I had CA security suite installed which has
not detected this problem. what I find strange is that I can log on as
another user and the computer seems to be fine. I have contacted CA and they
are going to try to resolve this problem. they issued me a case number and
will have their "infectious malware/spyware professionals" contact me.
--
jock


"PA Bear [MS MVP]" wrote:

> You are seeing the effects of an already-present hijackware infection!
>
> NB: If you had no anti-virus application installed or the subscription had
> expired *when the machine first got infected* and/or your subscription has
> since expired and/or the machine's not been kept fully-patched at Windows
> Update, don't waste your time with any of the below: Format & reinstall
> Windows. A Repair Install will NOT help!
>
> Microsoft PCSafety provides home users (only) with no-charge support in
> dealing with malware infections such as viruses, spyware (including unwanted
> software), and adware.
> https://support.microsoft.com/oas/default.aspx?&prid=7552&st=1
>
> Also available via the Consumer Security Support home page:
> https://consumersecuritysupport.microsoft.com/
>
> Otherwise...
>
> 1. See if you can download/run the MSRT manually:
> http://www.microsoft.com/security/malwareremove/default.mspx
>
> NB: Run the FULL scan, not the QUICK scan! You may need to download the
> MSRT on a non-infected machine, then transfer MRT.EXE to the infected
> machine and rename it to SCAN.EXE before running it.
>
> 2a. WinXP => Run the Windows Live Safety Center's 'Protection' scan (only!)
> in Safe Mode with Networking, if need be:
> http://onecare.live.com/site/en-us/center/howsafe.htm
>
> 2b. Vista or Win7=> Run this scan instead:
> http://onecare.live.com/site/en-us/center/whatsnew.htm
>
> 3. Now run a thorough check for hijackware, including posting requested logs
> in an appropriate forum, not here. DO NOT SKIP THIS STEP!!
>
> Checking for/Help with Hijackware:
> • http://mvps.org/winhelp2002/unwanted.htm
> • http://inetexplorer.mvps.org/tshoot.html
> • http://www.mvps.org/sramesh2k/Malware_Defence.htm
> • http://www.elephantboycomputers.com/page2.html#Removing_Malware
>
> **Chances are you will need to seek expert assistance in
> http://spywarehammer.com/simplemachinesforum/index.php?board=10.0,
> http://www.spywarewarrior.com/viewforum.php?f=5,
> http://www.dslreports.com/forum/cleanup,
> http://www.bluetack.co.uk/forums/index.php,
> http://aumha.net/viewforum.php?f=30 or other appropriate forums.**
>
> If these procedures look too complex - and there is no shame in admitting
> this isn't your cup of tea - take the machine to a local, reputable and
> independent (i.e., not BigBoxStoreUSA or Geek Squad) computer repair shop.
> --
> ~Robear Dyer (PA Bear)
> MS MVP-IE, Mail, Security, Windows Client - since 2002
>
> jock wrote:
> > Message constantly popping up from security shield on lower right screen.
> > system intrusion or stealth intrusion, security breach, system danger,
> > privacy threat etc. .
> > -CA virus scan OK. CA Spyware scan OK. SPYBOT scans ok. Popup box when
> > trying to access internet shows IRC-worm.dos.septic or
> > trojan-bnk.win32.keylogger.gen
> > Asking me to purchase upgrade XP security. Can not seem to rid pc of this.
> > Help. JOCK
>
> .
>
From: jock on
Contacted microsoft support and after 3 hrs. on the phone resolved the
problem. Lookout for :AV.exe." Lethal!!!!!!!
--
jock


"jock" wrote:

> Thank you all for the responses. I had CA security suite installed which has
> not detected this problem. what I find strange is that I can log on as
> another user and the computer seems to be fine. I have contacted CA and they
> are going to try to resolve this problem. they issued me a case number and
> will have their "infectious malware/spyware professionals" contact me.
> --
> jock
>
>
> "PA Bear [MS MVP]" wrote:
>
> > You are seeing the effects of an already-present hijackware infection!
> >
> > NB: If you had no anti-virus application installed or the subscription had
> > expired *when the machine first got infected* and/or your subscription has
> > since expired and/or the machine's not been kept fully-patched at Windows
> > Update, don't waste your time with any of the below: Format & reinstall
> > Windows. A Repair Install will NOT help!
> >
> > Microsoft PCSafety provides home users (only) with no-charge support in
> > dealing with malware infections such as viruses, spyware (including unwanted
> > software), and adware.
> > https://support.microsoft.com/oas/default.aspx?&prid=7552&st=1
> >
> > Also available via the Consumer Security Support home page:
> > https://consumersecuritysupport.microsoft.com/
> >
> > Otherwise...
> >
> > 1. See if you can download/run the MSRT manually:
> > http://www.microsoft.com/security/malwareremove/default.mspx
> >
> > NB: Run the FULL scan, not the QUICK scan! You may need to download the
> > MSRT on a non-infected machine, then transfer MRT.EXE to the infected
> > machine and rename it to SCAN.EXE before running it.
> >
> > 2a. WinXP => Run the Windows Live Safety Center's 'Protection' scan (only!)
> > in Safe Mode with Networking, if need be:
> > http://onecare.live.com/site/en-us/center/howsafe.htm
> >
> > 2b. Vista or Win7=> Run this scan instead:
> > http://onecare.live.com/site/en-us/center/whatsnew.htm
> >
> > 3. Now run a thorough check for hijackware, including posting requested logs
> > in an appropriate forum, not here. DO NOT SKIP THIS STEP!!
> >
> > Checking for/Help with Hijackware:
> > • http://mvps.org/winhelp2002/unwanted.htm
> > • http://inetexplorer.mvps.org/tshoot.html
> > • http://www.mvps.org/sramesh2k/Malware_Defence.htm
> > • http://www.elephantboycomputers.com/page2.html#Removing_Malware
> >
> > **Chances are you will need to seek expert assistance in
> > http://spywarehammer.com/simplemachinesforum/index.php?board=10.0,
> > http://www.spywarewarrior.com/viewforum.php?f=5,
> > http://www.dslreports.com/forum/cleanup,
> > http://www.bluetack.co.uk/forums/index.php,
> > http://aumha.net/viewforum.php?f=30 or other appropriate forums.**
> >
> > If these procedures look too complex - and there is no shame in admitting
> > this isn't your cup of tea - take the machine to a local, reputable and
> > independent (i.e., not BigBoxStoreUSA or Geek Squad) computer repair shop.
> > --
> > ~Robear Dyer (PA Bear)
> > MS MVP-IE, Mail, Security, Windows Client - since 2002
> >
> > jock wrote:
> > > Message constantly popping up from security shield on lower right screen.
> > > system intrusion or stealth intrusion, security breach, system danger,
> > > privacy threat etc. .
> > > -CA virus scan OK. CA Spyware scan OK. SPYBOT scans ok. Popup box when
> > > trying to access internet shows IRC-worm.dos.septic or
> > > trojan-bnk.win32.keylogger.gen
> > > Asking me to purchase upgrade XP security. Can not seem to rid pc of this.
> > > Help. JOCK
> >
> > .
> >