Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > Cannot run my antispyware or antivirus program

Reply
Thread Tools

Cannot run my antispyware or antivirus program

 
 
Cam
Guest
Posts: n/a
 
      10-21-2008
Hi everyone,

I have a spyware since a couple of days that I can't get rid of. It
pops up every once in a while in a bubble in the right hand corner,
the system tray, saying that my computer is infected and that I need a
spyware program to clean it... If I click on it, it will install an
antyspyware program. The usual problem that I had with other spyware
before.

But the big problem with this one is that my antispyware and my
antivirus programs will not run and the one that will run (Ad Aware),
will not update anymore using the usual Internet connection made for
that purpose in the program . Furthermore it redirects my Internet
sites whenever I want to go to a antispyware or antivirus site!

Could someone please help me?

Thank you in advance
Cam
 
Reply With Quote
 
 
 
 
Cam
Guest
Posts: n/a
 
      10-21-2008
On Oct 20, 9:07*pm, "David H. Lipman" <DLipman~(E-Mail Removed)>
wrote:
> From: "Cam" <(E-Mail Removed)>
>
> | Hi everyone,
>
> | I have a spyware since a couple of days that I can't get rid of. It
> | pops up every once in a while in a bubble in the right hand corner,
> | the system tray, saying that my computer is infected and that I need a
> | spyware program to clean it... If I click on it, it will install an
> | antyspyware program. The usual problem that I had with other spyware
> | before.
>
> | But the big problem with this one is that my antispyware and my
> | antivirus programs will not run and the one that will run (Ad Aware),
> | will not update anymore using the usual Internet connection made for
> | that purpose in the program . Furthermore it redirects my Internet
> | sites whenever I want to go to a antispyware or antivirus site!
>
> | Could someone please help me?
>
> | Thank you in advance
> | Cam
>
> Cam:
>
> Please don't MultiPost.
> Please learn to Cross-Post to pertinent, On Topic, NewsGroups instead.
>
> Additionally, you were replied to by a fake MS MVP, software plagiarizer and malicious
> actor by the 'nym of PCBUTTS1.
> Please stear clear of his web site and any offereings "he" has provided you.
>
> I suggest you use the following...
> Malwarebytes Anti-Malwarehttp://www.malwarebytes.org/mbam/program/mbam-setup.exe
>
> If that does not work (and I am sure it will)...
>
> Download and execute HiJack This! (HJT)http://www.trendsecure.com/portal/en...HJTInstall.exe
>
> Then post the contents of the HJT log in your post in one of the below expert forums...
>
> { Please - Do NOT post the HJT Log here ! }
>
> Forums where you can get expert advice for HiJack This! (HJT) Logs.
>
> NOTE: Registration is REQUIRED in any of the below before posting a log
>
> Suggested primary:http://www.thespykiller.co.uk/index.php?board=3.0
>
> Suggested secondary:http://www.bleepingcomputer.com/foru...hp?showforum=7
>
> Suggested tertiary:http://www.dslreports.com/forum/clea...splay.php?f=13
>
> --
> Davehttp://www.claymania.com/removal-trojan-adware.html
> Multi-AV -http://www.pctipp.ch/downloads/dl/35905.asp


Thanks for your info concerning multi posting, sorry I did not know.
Also thanks for the info concerning the fake MS MVP, when I saw that I
thought that it was indeed a fake.

Now, concerning the sites you gave me, I tried to go on these site
but, I guess, the malicious spyware that I have on my PC will not let
me go there, I get a "page load error" whenever I try to open any of
the sites you gave me. It seems to be that a cannot open any sites
about spyware or viruses. Any other sites will open properly... I
guess my PC is badly infected!

Any other idea of what I could do? My spyware and antivirus programs
will not work and/or update and cannot go on security sites, I either
get an error message or I am redirected to other sites.

Thaks again,
Cam
 
Reply With Quote
 
 
 
 
Todd H.
Guest
Posts: n/a
 
      10-22-2008
"David H. Lipman" <DLipman~nospam~@Verizon.Net> writes:

> From: "Cam" <(E-Mail Removed)>
>
>
> | Thanks for your info concerning multi posting, sorry I did not know.
> | Also thanks for the info concerning the fake MS MVP, when I saw that I
> | thought that it was indeed a fake.
>
> | Now, concerning the sites you gave me, I tried to go on these site
> | but, I guess, the malicious spyware that I have on my PC will not let
> | me go there, I get a "page load error" whenever I try to open any of
> | the sites you gave me. It seems to be that a cannot open any sites
> | about spyware or viruses. Any other sites will open properly... I
> | guess my PC is badly infected!
>
> | Any other idea of what I could do? My spyware and antivirus programs
> | will not work and/or update and cannot go on security sites, I either
> | get an error message or I am redirected to other sites.
>
> | Thaks again,
> | Cam
>
> Sorry to hear that.
> Then your *best* option would be to wipe the PC and resinstall the OS from scratch after
> backing up your data.


Cam,

I strongly second this advice from David.


--
Todd H.
http://www.toddh.net/
 
Reply With Quote
 
chame1eon
Guest
Posts: n/a
 
      11-03-2008
I realize this is an old post , but why does it seem I'm the only one who
doesn't immediately resort to formatting. There are a lot of ways to
detect unwanted processes and rootkits. Is it just too time consuming?
Am I missing something?




On Wed, 22 Oct 2008 11:58:33 -0400, Todd H. <(E-Mail Removed)> wrote:

> "David H. Lipman" <DLipman~nospam~@Verizon.Net> writes:
>
>> From: "Cam" <(E-Mail Removed)>
>>
>>
>> | Thanks for your info concerning multi posting, sorry I did not know.
>> | Also thanks for the info concerning the fake MS MVP, when I saw that I
>> | thought that it was indeed a fake.
>>
>> | Now, concerning the sites you gave me, I tried to go on these site
>> | but, I guess, the malicious spyware that I have on my PC will not let
>> | me go there, I get a "page load error" whenever I try to open any of
>> | the sites you gave me. It seems to be that a cannot open any sites
>> | about spyware or viruses. Any other sites will open properly... I
>> | guess my PC is badly infected!
>>
>> | Any other idea of what I could do? My spyware and antivirus programs
>> | will not work and/or update and cannot go on security sites, I either
>> | get an error message or I am redirected to other sites.
>>
>> | Thaks again,
>> | Cam
>>
>> Sorry to hear that.
>> Then your *best* option would be to wipe the PC and resinstall the OS
>> from scratch after
>> backing up your data.

>
> Cam,
>
> I strongly second this advice from David.
>
>




--
Using Opera's revolutionary e-mail client: http://www.opera.com/mail/
 
Reply With Quote
 
Ari
Guest
Posts: n/a
 
      11-03-2008
On Mon, 03 Nov 2008 08:30:02 -0500, chame1eon wrote:

> I realize this is an old post , but why does it seem I'm the only one who
> doesn't immediately resort to formatting. There are a lot of ways to
> detect unwanted processes and rootkits. Is it just too time consuming?
> Am I missing something?


By definition, a rootkit may be near impossible to find and remove. The
damage can be hidden, then appear, ad infinitum.
 
Reply With Quote
 
Ari
Guest
Posts: n/a
 
      11-04-2008
On Tue, 4 Nov 2008 01:20:08 -0000, Trespasser wrote:

> I do find though that those people who's first action is to reach for the
> windows cd to perform a format either have the attitude that they do not
> have the ability to cleanse a system manually, they just dont have the time,
> or they are far too interested in making quick money. I myself have taken
> time to find a handfull of tools (all of them free) and there a very few
> machines I see that actually need formatting, after spending an hour running
> a couple of programs.


Heh, you're clueless.
 
Reply With Quote
 
chame1eon
Guest
Posts: n/a
 
      11-04-2008
On Mon, 03 Nov 2008 20:58:57 -0500, Moe Trin
<(E-Mail Removed)> wrote:

> On Mon, 03 Nov 2008, in the Usenet newsgroup alt.computer.security, in
> article
> <(E-Mail Removed) >, chame1eon wrote:
>
>> I realize this is an old post , but why does it seem I'm the only one
>> who doesn't immediately resort to formatting. There are a lot of
>> ways to detect unwanted processes and rootkits. Is it just too time
>> consuming? Am I missing something?

>
> Yes.
>
> You are depending on your tools to be able to detect the mal-ware.
> How do you know that 1) your tools haven't been compromised? 2) the
> access to the disk and/or operating system hasn't been altered such
> that your tools can't detect all of the alterations? 3) your tool[s]
> are even _aware_ of the latest version of the mal-ware? 4) your
> tool[s] have removed that _cause_ of the problem - the hole that the
> mal-ware used to gain control of your system in the first place.
>
> The answer is "you don't". Virtually all anti-mal-ware works by
> recognizing that "this" filename, or "that" bit pattern within a file
> identifies some specific piece of mal-ware. Anti-mal-ware companies
> receive copies of suspected mal-ware, analyze it to see what it is
> doing, and what distinguishing characteristics it has, and then release
> a new version of their product that "should" detect this new mal-ware.
> A problem with that mode is that the mal-ware author gets the latest
> version (that's version 6739, isn't it?) of the anti-mal-ware, and
> makes a minor change to his code, and it's a new virus that your latest
> version of anti-mal-ware can't detect. Lather, rinse, repeat.
>
> Old guy



I actually prefer things like hijack this, Ice sword, and the Systems
Internals tools that aren't as likely to need contstant updates.
Obviously it would be a little crazy to avoid the scanners that rely on
definitions.

I can see how any of them could fail especially when rootkits are
involved, and when I'm not sure exactly how they hide themselves and where
exactly things like Ice Sword and rootkit revealer are reading the
information from.

I guess when security is really important, or when someone isn't completly
aware of the risks a clean install is the safest. I just hate resorting
to formatting and I don't see how you can learn anything about how the
virus got there what, it was doing, and how, if you erase all of the
evidence.
 
Reply With Quote
 
chame1eon
Guest
Posts: n/a
 
      11-06-2008
On Wed, 05 Nov 2008 14:46:55 -0500, Moe Trin
<(E-Mail Removed)> wrote:

> On Tue, 04 Nov 2008, in the Usenet newsgroup alt.computer.security, in
> article
> <(E-Mail Removed) >, chame1eon wrote:
>
>> <(E-Mail Removed)> wrote:

>
>>> You are depending on your tools to be able to detect the mal-ware.
>>> How do you know that 1) your tools haven't been compromised? 2) the
>>> access to the disk and/or operating system hasn't been altered such
>>> that your tools can't detect all of the alterations? 3) your tool[s]
>>> are even _aware_ of the latest version of the mal-ware? 4) your
>>> tool[s] have removed that _cause_ of the problem - the hole that the
>>> mal-ware used to gain control of your system in the first place.

>
>> I actually prefer things like hijack this, Ice sword, and the Systems
>> Internals tools that aren't as likely to need contstant updates.
>> Obviously it would be a little crazy to avoid the scanners that rely
>> on definitions.

>
> Your tool should then know exactly what your system looks like in an
> uncompromised state. The usual answer to that is something like 'aide'
> (a modern replacement for 'tripwire'). Briefly, you have a snapshot
> of the system - often, multiple hashes to provide confidence - that is
> kept in a secure place. When you want to check the system, you bring
> out this magic (bootable) media, and run the various check-sums and
> hashes, comparing your snapshot with what-ever is on your system now.
> You use a separate operating system to avoid being had by an alteration
> in the normal O/S that either ignores data, or fakes the hash/checksum
> algorithms - everything is fine, citizen, nothing to worry about...
>
> The problem that usually defeats this type of system comparison is that
> your system is not static. Things are changing, perhaps frequently. It
> might be O/S updates/errata/patches, someone clicking on the "save this
> desktop arrangement - I like it" icon, or it might be someone
> installing a "helper" tool they found on some website to give them an
> innocent looking (to Mommy or the Significant Other) icon to click that
> will take them directly to their favorite gaming or pr0n site. How do
> you separate the wheat from the chaff - the real bad stuff from the
> stupid annoyances? Oh, and how do you know what the changes are
> actually doing?
>
>> I can see how any of them could fail especially when rootkits are
>> involved, and when I'm not sure exactly how they hide themselves and
>> where exactly things like Ice Sword and rootkit revealer are reading
>> the information from.

>
> Another disturbing thought: Does your anti-malware know how to talk
> _directly_ to the disk/what-ever? Or as is MUCH more likely, it is
> using O/S calls to find out what files are out there (trivial to
> subvert) never mind accessing those files.
>
>> I guess when security is really important, or when someone isn't
>> completly aware of the risks a clean install is the safest.

>
> You might be highly skilled at debugging an operating system or an
> application, but how many others are? That's why this enormous
> aftermarket in anti-mal-ware tools exist. And the tools have to be
> built such that your Aunt Bessie (who has a hard time figuring out
> how to operate a light switch) can use them.
>
>> I just hate resorting to formatting and I don't see how you can learn
>> anything about how the virus got there what, it was doing, and how,
>> if you erase all of the evidence.

>
> Not a problem. You do have spare disks, right? Pop the contaminated
> or questionable one out, drop in the replacement, and away you go. You
> are aware of mal-ware that installs itself in RAM, then erases the
> delivery files, right? It's gone when you reboot, never-mind doing a
> wipe and reinstall, but while it was there it could have been mailing
> death threats to your national politicians, spamming every customer of
> the ten largest ISPs in the world, mailing home any credit card and
> banking data it finds, as well as your SSH keys (so that other systems
> you have access to become 0wn3d by the bad guy).
>
> Old guy



I think your right that malware could be a lot more sophisticated, but
because a large number of users don't take countermeasures, it doesn't
need to be. So when it comes to things I think I'm likely to encounter on
my home pc convienience can take precidence.

I'm trying to get a degree for something computer related, so depending
on what
I end up doing, knowledge about tighter security could become an issue.

I still want to see what aide does though, so thank you.

I would switch out disks, but I don't even have a good way to back up the
stuff I have untill I get more money Most people who's pcs I've
cleaned don't have spares either.


--
Using Opera's revolutionary e-mail client: http://www.opera.com/mail/
 
Reply With Quote
 
Ari
Guest
Posts: n/a
 
      11-06-2008
On Tue, 4 Nov 2008 13:02:44 -0000, Trespasser wrote:

> --
> Regards
> Trespasser
> ----------------------------
> I try to take one day at a time, but sometimes two or three gang up on me.
>
> I'm not paranoid, I know your watching me. (o-o)
>
> Show me a wireless network, I'll show you free broadband.
>
> So you think this sigantures bad ? You should see my handwriting
> ----------------------------
> "Ari" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>> On Tue, 4 Nov 2008 01:20:08 -0000, Trespasser wrote:
>>
>>> I do find though that those people who's first action is to reach for the
>>> windows cd to perform a format either have the attitude that they do not
>>> have the ability to cleanse a system manually, they just dont have the
>>> time,
>>> or they are far too interested in making quick money. I myself have
>>> taken
>>> time to find a handfull of tools (all of them free) and there a very few
>>> machines I see that actually need formatting, after spending an hour
>>> running
>>> a couple of programs.

>>
>> Heh, you're clueless.

>
> #############
>
> Yeah your right. Tell that to my boss who pays me 15 p/h


Two idiots don't make either of you less clueless.
 
Reply With Quote
 
Ari
Guest
Posts: n/a
 
      11-06-2008
On Wed, 05 Nov 2008 13:48:06 -0600, Moe Trin wrote:

>>Yes, I use other other ways to detect malware rather than rely on AV-
>>type software. When rootkits are involved you need to compare things
>>like the in-memory image of the system service despatch table against
>>the original executable code.

>
> A problem there is that you are relying on the existing O/S to read
> the O/S memory, and some kind of comparison mechanism. How do you know
> that the memory you are examining is actually what is being used, and
> isn't something that is patched around.


The whore is either clean or dirty, never in between.
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Antivirus Antispyware 2011 removal Mark Fuller Computer Security 0 04-11-2011 03:19 AM
Personal Antivirus Removal Guide (Remove fake rogue spyware calledpersonal antivirus) dfinc Cisco 7 08-06-2009 04:10 AM
symantec: norton antivirus versus norton antivirus corporate alexander rickert Computer Information 3 11-03-2004 09:37 PM
Sophos AntiVirus Vs Norton AntiVirus Tim Computer Support 7 08-16-2003 11:19 PM
Antivirus Questions - Norton Antivirus xmldso.cab file. Symevent? Nicole Kidman Computer Support 1 08-16-2003 06:13 PM



Advertisments