XP Antivirus 2008

tomcatonnet99

New member
this malware doesn't at present get detected by Spybot ( I use 1.5.2) which is regularly updated and it didn't detect it

how do I remove this malware pls
 
Its on RogueRemovers radar:

http://www.malwarebytes.org/roguenet.php?id=421

RogueRemoverFREE:

http://www.malwarebytes.org/rogueremover.php
 
Hello tomcatonnet99,

If Spybot-S&D does not detect or remove an item and you can find the files, please zip or rar them and send to: detections@spybot.info

For someone to take a look at the system, please follow the procedure in this link:
"BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance)

Then start your own thread in the Malware Removal Forum where a helper will advise and guide you through the use of certain tools to remove the infection and any 'friends'.

Regards.
 
i have same problem and cleaned everything s&d would clean in safemode, and ran another scan in normal windows, didnt find nothing, and also copy/pasted a log of hijackthis.

is this a new virus? is there any progress?

im currently tryingt to go into my email inbox to send rar'ed copys of the stuff in my programFiles i dont recognize a folder called

rhclclj0endn

and another called

PCHealthCenter


QUESTION: i aways have teatimer.
Is always having it on a waste if im not using IE but firefox instead?
or does teatimer protect firefox aswell ?
 
Are you still having malware trouble? Do you have a firewall? Also, do you use a anti-virus program?

TeaTimer is the protection of overall settings of the OS. It does not 'protect' browsers (IE or Firefox). I think you meant Spybot's 'SDHELPER'. However, that applies only to Internet Explorer and not Firefox.

Read on:
What is the Resident TeaTimer
 
i did not see this post. i created a post concerning this. i beleive that spybot should detect this. just a opinion.
 
i did not see this post. i created a post concerning this. i beleive that spybot should detect this. just a opinion.

it is in spybots definition files but the ones i used did not work to find it no understanding why.

this is what i got from spybot

Hello Michael,

We have it already in our detections.
Perhaps you can send us the exe file for further examination?
Thanks. :-)

Best regards
Sandra
Team Spybot
 
Hello,

It will be in the next weeks betas.
In order to download the beta you have to activate the beta update settings in your Spybot.

Please run Spybot - Search & Destroy and switch to the Advanced mode via the menu item Mode.
Now select 'Settings' - 'Settings' from the navigation bar on the left.
There you will find the option 'Automation-Web update'.
Please activate the checkbox in front of 'display available beta versions' by ticking it.

Now search for updates and download all available updates.

Best regards
Sandra
Team Spybot
 
Hello,

Please send us your *complete* Spybot bug report: Run Spybot - Search & Destroy and switch to Advanced Mode via the menu item Mode, let it scan, try to fix the problems (!) and then go to "Tools --> View Report". Tick on all of the 10 checkboxes (leave "Do not report disabled or known legitimate items" unchecked) you can find there and click on "View Report". Now choose "Export" and save the file to your desktop. Please attach this file to your email and send it again to detections(at)spybot.info.
Please also refer to this thread in the e-mail.
Thanks. :)

Best regards
Sandra
Team Spybot
 
Rob
I got interrupted and have reconsidered

You need to start a new thread in the Safernetworking Malware Removal forum
(scroll down)
READ ALL THE STICKIES before you post
Include your AV, Os, Firewall and any symptoms in your post

run ccleaner or similar

Update and run a boot time scan with your AV if possible
quarantine any hits-- do not delete/ remove

update and UPDATE BETA DEFINITIONS and run a safe mode scan with spybot
(some additional detections were added to TODAY's Beta detections)

run a scan with F-Protect AV- it is one of the few not blocked by one of the current bad guys
quarantine any hits do not remove/delete

download HJT to your desktop, rt click and rename Hijackrob.exe
(some baddies will block when named hijackthis)
run a scan only and post the log according to directions
DO NOT FIX ANYTHING
you will see many being advised to run other programs like ComboFix, Rogue Remover, MBAM, SuperAntiSPY etc
they need to be run in a specific order depending on what combination of malware you have- If you have run any of these recently be sure to mention it.

post your logs
After you post WAIT FOR A RESPONSE
do NOT answer your own post or big delay will happen

good luck
 
Hi.
Hello,

Please send us your *complete* Spybot bug report: Run Spybot - Search & Destroy and switch to Advanced Mode via the menu item Mode, let it scan, try to fix the problems (!) and then go to "Tools --> View Report". Tick on all of the 10 checkboxes (leave "Do not report disabled or known legitimate items" unchecked) you can find there and click on "View Report". Now choose "Export" and save the file to your desktop. Please attach this file to your email and send it again to detections(at)spybot.info.
Please also refer to this thread in the e-mail.
Thanks. :)

Best regards
Sandra
Team Spybot



Rob
run ccleaner or similar
Nope, if posting in malware removal forum please don't.

download HJT to your desktop, rt click and rename Hijackrob.exe
(some baddies will block when named hijackthis)

A malware analyst will say if necessary.

Thanks.
 
Back
Top