(Micro AV, XP Antivirus...) Infected with Rogue Antimalware? Look Here

Discussion in 'Windows - Virus and spyware problems' started by cdavfrew, Sep 18, 2008.

  1. cdavfrew

    cdavfrew Regular member

    Joined:
    May 19, 2008
    Messages:
    1,183
    Likes Received:
    0
    Trophy Points:
    46
    1. Introduction

    What are rogue programs? Simply, they are programs which appear to do something, but rather, give false information and may also spy on you. The signs are obvious:

    programs you did not install give messages,
    • pop ups saying you have a virus,
    • and warning signs parading all around your screen.



    *********************************************************************


    2. Researching

    Believe it or not, when it comes to dealing with rogue antimalware, Google may very well be your best friend. The internet is a vast storage of information, and somewhere deep down there is bound to contain a website with removal instructions on your particular rogue antimalware program. That is the page we will look for, and it most probably wouldn't be that hard to find it.


    Simply go to www.google.com, and type in "Name Of Rogue Program" removal.

    Depending on what type of rogue antimalware program you have, the results will probably range from 100 million to 9.8 trillion, so there most probably will not be a problem. :)


    Things to look for:

    • Date of rogue program creation.

    If you happen to be infected with the very latest type, also known as a zero-day malware, the results might not prove that useful, so it's always good to wait for a while longer before following instructions on removal websites if the creation date is recent.

    • Changes made to system (Files/Folders/Registry Keys/Services/Drivers)

    After all, the whole point of researching is to remove what the malware has done to your computer, isn't it? This is the most important single step, and should not be relied on one website alone! While some websites may have good information, no website will have everything you need to know, so multiple websites are always good. Chances are, the websites you visit will also tell you how to remove such changes.

    • Malware Family

    If you know what family of malware the rogue program belongs to, this will help greatly. There are many great tools out there specializing in removal of malware families, such as Vundo or Smitfraud. If, let's say, you get infected by WinAntivirus, which is a variant of Vundo, simply download Vundofix by Atribune to remove your problem.


    These are only the basics. If you find more information on your particular rogue program, the better.


    *********************************************************************


    3. Scanning

    It is also important to scan with a good antispyware scanner to remove any traces you might have missed out. Here are the instructions for running a scan with SuperAntispyware.

    Please download Superantispyware Free and install it. Follow the prompts and reboot if required.

    Launch Superantispyware Free either by running C:\Program Files\SUPERANTISPYWARE.exe or right-click on the SuperAntispyware icon in your task bar (it looks like a bug) and click on Scan for Spyware, Adware, Malware...

    Configuring SuperAntispyware

    • Click on Preferences.
    • In the tab General and Startup, make sure the box Start SuperAntispyware when Windows starts is unchecked. This will prevent SuperAntispyware from starting everytime, because it may interfere with other fixes that may be run.
    • Navigate to the tab Scanning Control.
    • Make sure only these boxes are checked:
    Code:
    Close browsers before scanning
    Scan for tracking cookies
    Terminate memory threats before quarantining
    Scan Alternate Data Streams
    Use Kernel Direct File Access (recommended)
    Use Kernel Direct Registry Access (recommended)
    Use Direct Disk Access (recommended)
    • Click on Close.

    Updating SuperAntispyware

    • At the main window, click on Check for Updates....
    • Wait for SuperAntispyware to be fully updated.

    Scanning Time

    • Boot into safe mode by repeatedly pressing the F8 key after you press the power button. If safe mode does not work, do the scan in normal mode.
    • Launch SuperAntispyware.
    • At the main window, click on Scan your Computer....
    • Make sure all drives (excluding CD drives) are checked, select Perform Complete Scan, and then click on Next.
    • Wait for the scan to complete, and then click on Next>. This will quarantine and remove all detected items.
    Reboot your computer.


    *********************************************************************


    4. Final Clean Up

    Time to clean up the itty-bitty problems you might have left. Rogue anti-malware programs are notorious for disabling the Task Manager, Control Panel, and even Destop and Screensaver options! Here are some fixes that you can run if you do indeed have such problems:

    Fix Desktop and ScreenSaver tabs in Desktop Options

    Restore Task Manager, Folder Options, and Regedit

    You will have to restart your computer for the changes to take effect.

    You can also run generic cleanup programs such as Disk Cleaners and Defragmenters to speed up your computer. Free examples include CCleaner and Defraggler, both from Piriform.


    *********************************************************************


    5. Need More Help?

    Let's say you didn't manage to get rid of the malware, or you still have problems left over. We, here, the AfterDawn forums are available if you need help! Simply follow the instructions below to post a HijackThis log which will be needed if you decide to post here.

    Please download the HijackThis zip file. Save it onto a convenient place in your computer, and then unzip the file.

    Rename HijackThis(.exe) to scanner(.exe).

    Next, run scanner(.exe). A window will pop up.

    • Click on the button which says Main Menu, then Do a system scan and save a logfile.
    • Please wait for the scan to be completed.
    • After the scan has completed, a text window will pop up. Please post the contents of this window here.

    This will also be located at hijackthis(.txt) in the same folder that HijackThis was originally saved.

    NOTE:: Do not fix anything using HijackThis, as this may also damage legitimate components of your computer.


    *********************************************************************


    6. Final Words

    Prevention is better than cure. Find out how you got infected, and then immunize yourself so that your computer will never get infected that way again!


    Best Regards :D
     
    Last edited: Sep 21, 2008
  2. peacefull

    peacefull Member

    Joined:
    Oct 1, 2008
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    11
    Hi ev1

    dear god i have this problem also plz help me plzzzzzz
    MICRO AV is a virus?
     
  3. peacefull

    peacefull Member

    Joined:
    Oct 1, 2008
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    11
    I have to say than-you and thank-you....I did get this SUPERANTISPYWARE and did what was said on here and it did work,but there is one thing how do i get the micro av icon out of control panel?
     
  4. cdavfrew

    cdavfrew Regular member

    Joined:
    May 19, 2008
    Messages:
    1,183
    Likes Received:
    0
    Trophy Points:
    46
    Hey peacefull

    Now, please download ComboFix.
    With ComboFix, at the download window, please rename it to Combo-Fix(.exe) before downloading it.

    Please disable all security programs, such as antiviruses, antispywares, and firewalls.
    Also disable your internet connection.


    • Run Combo-Fix.exe and follow the prompts.
    **Understand that things like your system clock changing and your desktop disappearing might happen. Do not worry, because all will be restored later.
    • Wait for the scan to be completed.
    • If it requires a reboot, please do it.
    • After the scan has completed entirely, please post the log here. The log will be located at C:\ComboFix(.txt)

    Do not click on the ComoboFix window, as it may cause it to stall.

    Best Regards :D
     
  5. peacefull

    peacefull Member

    Joined:
    Oct 1, 2008
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    11
    it can't not be rename for some reason
     
  6. peacefull

    peacefull Member

    Joined:
    Oct 1, 2008
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    11
    Hi again it me lol....
    Ok this is what i have done so far....i turn my system restore of and run my Norton scan on and it gave me more worm or what ever it was so i did take action on them and that Icon that was in control panel of MS AV it out from my computer....so this is a very good thing.

    I also i have to say I din't not have a SPYWARE Remover on my computer in fact never did,so thank you for leting me take one on here wich is that SuperAntiSpyware it work for me and i like it also,I also have a question for you if it ok....

    How do we mask the IP with the router?i do have this website but geez it all chiness to me... http://portforward.com/ so can you help me on this plz....and Thank you again
     
  7. cdavfrew

    cdavfrew Regular member

    Joined:
    May 19, 2008
    Messages:
    1,183
    Likes Received:
    0
    Trophy Points:
    46
    Hey peacefull

    I will now ask you to open a new thread, so as to not crowd up this one. Thanks for understanding. :)

    Best Regards :D
     
  8. sahfasaga

    sahfasaga Member

    Joined:
    Oct 6, 2008
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    11
    Hi,
    The Micro AV virus will not let me access any of the download sites for superantispyware. I have however run HijackThis and here is my log:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:24: VIRUS ALERT!, on 10/6/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\MicroAV\MicroAV.exe
    C:\Program Files\NoAds\NoAds.exe
    C:\Program Files\PeerGuardian2\pg2.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\Program Files\stickies\stickies.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\system32\gearsec.exe
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Internet Explorer\Iexplore.exe
    C:\Program Files\Trend Micro\scanner\HijackThis.exe
    C:\Program Files\Mozilla Firefox\firefox.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.att.net/ie4/search/index.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.att.net
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.java.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer presented by Comcast
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
    O2 - BHO: QXK Olive - {11DFB01A-0852-4955-9747-C59E21DBBDA5} - C:\WINDOWS\dfmlxbpkvlo.dll
    O2 - BHO: QXK Olive - {41B2F79F-05DE-4D34-85C5-6040D42351C9} - C:\WINDOWS\vortsgbqmxv.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O3 - Toolbar: olnmraew - {1EE3EAF4-D787-4E81-944C-D61A9E1869C4} - C:\WINDOWS\olnmraew.dll
    O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [AT&T DSL Service PCA Program] C:\PROGRA~1\AT&T\DSL\programs\dslpca.exe /ws
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [routercontrol] C:\WINDOWS:rtrcntrl.exe
    O4 - HKLM\..\Run: [\YUR4C.exe] C:\Windows\system32\YUR4C.exe
    O4 - HKLM\..\Run: [\YUR4D.exe] C:\Windows\system32\YUR4D.exe
    O4 - HKLM\..\Run: [\YUR4E.exe] C:\Windows\system32\YUR4E.exe
    O4 - HKLM\..\Run: [\YUR4F.exe] C:\Windows\system32\YUR4F.exe
    O4 - HKLM\..\Run: [ANTIVIRUS] C:\Program Files\MicroAV\MicroAV.exe
    O4 - HKLM\..\Run: [\YUR59.exe] C:\Windows\system32\YUR59.exe
    O4 - HKLM\..\Run: [\YUR5A.exe] C:\Windows\system32\YUR5A.exe
    O4 - HKLM\..\Run: [\YUR5B.exe] C:\Windows\system32\YUR5B.exe
    O4 - HKLM\..\Run: [\YUR5D.exe] C:\Windows\system32\YUR5D.exe
    O4 - HKLM\..\Run: [\YUR5C.exe] C:\Windows\system32\YUR5C.exe
    O4 - HKLM\..\Run: [\YUR1.exe] C:\Windows\system32\YUR1.exe
    O4 - HKCU\..\Run: [NoAds] "C:\Program Files\NoAds\NoAds.exe"
    O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
    O4 - HKCU\..\Run: [] C:\Documents and Settings\Julie\Application Data\Adobe\Player.exe
    O4 - HKCU\..\Run: [\YUR4C.exe] C:\Windows\system32\YUR4C.exe
    O4 - HKCU\..\Run: [\YUR4D.exe] C:\Windows\system32\YUR4D.exe
    O4 - HKCU\..\Run: [\YUR4E.exe] C:\Windows\system32\YUR4E.exe
    O4 - HKCU\..\Run: [\YUR4F.exe] C:\Windows\system32\YUR4F.exe
    O4 - HKCU\..\Run: [ANTIVIRUS] C:\Program Files\MicroAV\MicroAV.exe
    O4 - HKCU\..\Run: [\YUR59.exe] C:\Windows\system32\YUR59.exe
    O4 - HKCU\..\Run: [\YUR1.exe] C:\Windows\system32\YUR1.exe
    O4 - HKCU\..\RunOnce: [CheckNetworkConnection] "C:\Program Files\Support.com\providerComcast\desktopdoctor.exe" /flow /flow=diagnosenetwork /trayclick=true /haveconfirmedwiring=true /haverenewed=true /haverestartedmodem=true /onrestart=true /havehealed=true /issuenumber=62b45a20-76d8-4c04-8467-418ac39b5c98
    O4 - Startup: Stickies.lnk = C:\Program Files\stickies\stickies.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - http://www.comcast.net/ (file missing)
    O9 - Extra button: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePoker\EmpirePoker.exe (file missing)
    O9 - Extra 'Tools' menuitem: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePoker\EmpirePoker.exe (file missing)
    O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - http://www.comcastsupport.com/ (file missing)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - http://online.comcast.net/help/ (file missing)
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\BPGame.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.att.net
    O16 - DPF: ActiveGS.cab - http://www.virtualapple.com/activegs.cab
    O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
    O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540002} - http://www.wildtangent.com/webdrivers/webinstall/shockwave/Install.cab
    O20 - AppInit_DLLs: cgftou.dll
    O21 - SSODL: onfwbsak - {7ED16EC3-919E-45E6-BDB6-7A4A4961EBAA} - C:\WINDOWS\onfwbsak.dll
    O21 - SSODL: lfstbwvd - {47323F6D-3678-4155-8706-9DE364960C3E} - C:\WINDOWS\lfstbwvd.dll
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: gearsec - GEAR Software - C:\WINDOWS\system32\gearsec.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
    O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm

    --
    End of file - 8961 bytes
     
  9. cdavfrew

    cdavfrew Regular member

    Joined:
    May 19, 2008
    Messages:
    1,183
    Likes Received:
    0
    Trophy Points:
    46
    Hi sahfasaga

    Now, please download ComboFix.
    With ComboFix, at the download window, please rename it to Combo-Fix(.exe) before downloading it.

    Please disable all security programs, such as antiviruses, antispywares, and firewalls.
    Also disable your internet connection.


    • Run Combo-Fix.exe and follow the prompts.
    **Understand that things like your system clock changing and your desktop disappearing might happen. Do not worry, because all will be restored later.
    • Wait for the scan to be completed.
    • If it requires a reboot, please do it.
    • After the scan has completed entirely, please post the log here. The log will be located at C:\ComboFix(.txt)

    Do not click on the ComoboFix window, as it may cause it to stall.

    Please post the log in a new thread, and not crowd up this one. :)

    Best Regards :D
     
  10. sahfasaga

    sahfasaga Member

    Joined:
    Oct 6, 2008
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    11
    Hi, Two problems:
    1. The link for Combofix doesnt seem to work. I did however find a torrent to download a version of it
    2. When I run it, it beeps and says it has detected rootkit activity and needs to reboot. When it reboots it does not start a scan, and if I start it up it gives me the same message about rootkit/rebooting. There is no txt log.
     
  11. cdavfrew

    cdavfrew Regular member

    Joined:
    May 19, 2008
    Messages:
    1,183
    Likes Received:
    0
    Trophy Points:
    46
    Hey sahfasaga

    Please start a new thread!!!

    Please download Superantispyware Free and install it. Follow the prompts and reboot if required.

    Launch Superantispyware Free either by running C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.exe or right-click on the SuperAntispyware icon in your task bar (it looks like a bug) and click on Scan for Spyware, Adware, Malware...

    Configuring SuperAntispyware

    • Click on Preferences.
    • In the tab General and Startup, make sure the box Start SuperAntispyware when Windows starts is unchecked. This will prevent SuperAntispyware from starting everytime, because it may interfere with other fixes that may be run.
    • Navigate to the tab Scanning Control.
    • Make sure only these boxes are checked:
    Code:
    Close browsers before scanning
    Scan for tracking cookies
    Terminate memory threats before quarantining
    Scan Alternate Data Streams
    Use Kernel Direct File Access (recommended)
    Use Kernel Direct Registry Access (recommended)
    Use Direct Disk Access (recommended)
    • Click on Close.

    Updating SuperAntispyware

    • At the main window, click on Check for Updates....
    • Wait for SuperAntispyware to be fully updated.

    Scanning Time

    • Boot into safe mode by repeatedly pressing the F8 key after you press the power button. If safe mode does not work, tell me and do the scan in normal mode.
    • Launch SuperAntispyware.
    • At the main window, click on Scan your Computer....
    • Make sure all drives (excluding CD drives) are checked, select Perform Complete Scan, and then click on Next.
    • Wait for the scan to complete, and then click on Next>. This will quarantine and remove all detected items.
    Reboot your computer.

    Post A Log

    • Launch SuperAntispyware
    • Click on Preferences
    • Navigate to the tab Statistics/Logs.
    • Choose the latest scan log, and the click on View Log....
    Copy and paste the contents of the log here in your next post.

    Best Regards :D
     
  12. sahfasaga

    sahfasaga Member

    Joined:
    Oct 6, 2008
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    11
    Okay I started a new thread called "Micro AV - SuperAntiSpyware Log" please look at my log, still having the same problems.
     
  13. NRL619

    NRL619 Member

    Joined:
    Oct 8, 2008
    Messages:
    30
    Likes Received:
    0
    Trophy Points:
    16
    I found this program called Malwarebytes Anti-Malware and it actually gets rid of it.
    Spyware Doctor wouldn't get rid of it and so wouldn't SPyhunter which are both shareware.
    Yet a freeware program like this did.
    Here is the link to it.
     

Share This Page