avast didn’t recognize this as a virus, but it is spy ware, how do i get rid of it? its slowing down my pc so badly, i tried to manually remove it but it keeps coming back
Download MBAM then update it then run a Quick scan.
You may have to reboot to remove locked files.
RogueRemover is a utility that can remove various rogue antispyware, antivirus and hard drive cleaning utilities. Rogue applications are applications that rather than remove spyware, provide false positives, distribute malware or spyware, advertise, or provide useless uninstallers. The main point is that rogue applications are useless and eat up system resources.
A more accurate description is scam/scumware or rogueware.
Both of the programs mentioned should be able to detect this, however if you have a sample of the file add it to the avast chest and send the sample to avast:
Add the file to the User Files (File, Add) section of the avast chest (if it isn’t already there) where it can do no harm and send it from there (select the file, right click, email to Alwil Software). No need to zip and PW protect when the sample is sent from chest. A copy of the file/s will remain in the original location, so any further action you take can remove that.
Or
Send the sample to virus@avast.com zipped and password protected with the password in email body, a link to this topic might help and undetected malware in the subject.
I got infected this morning. It changed my background picture, avast keeps going off saying that I have a possible Trojan and the “windows xp antivirus 08” kept running in the background. There was nothing I could do to erase it, manually or automatically. Avast was ineffective in killing it and preventing more attacks. The only relief I got was to do a system restore but I can remember what wedsite I got it from so I am still unprotected. Can anyone help in preventing this virus from happening again?
Are you sure that avast was on and updated? I think it’s able to prevent this infection :
Which browser do you use?
Which other security programs do you have in your computer?
Biggs
Did you run Rogue remover of MBAM?
both you guys
There can be other infections associated with this infection
follow up to be sure
post back
This is a Trojan>the file name is ‘rehccttajOe3e1.exe’ (or with first 5 alphabets changes).
It might have installed Worms & Malwares too.It sits in System32 & Program files etc., duplicates on every attempt to delete it with any Antispyware or Antivirus.
see my story:- http://forum.avast.com/index.php?topic=37787.0
I suggest, full computer on-line scanning:
Kaspersky (very good detection rates)
ESET NOD32
Trendmicro housecall
F-Secure
BitDefender (free removal of the malware)
I had tried 3 Antiviruses:-Avast Pro(my resident On-access scanner), AVG AntivirusFree Latest(my standby) and Bitdefender2008 Latest(my standby)…all deleted the file, but instantly it reappeared changing its first 5 alphabets name.That is why I started removal manually. I think with Brute Force program only it can be killed since the ‘rogue’ might have already found loopholes in the well-known Antivirus Programs.
Try SuperAntiSpyware or ComboFix.
I find in software reviews of download.com(cnet) that Antimalware 1.24 of malwarebytes.org released recently will remove this Trojan-malware completely.This is a small tool of 1.84MB but costs $24.95 or so.
BAEMON
Yes you can pay for that fine program or for rogue remover pro
however we recommend a scan first with rogue remover free
and then MBAM
http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe
for a second opinion the EWIDO on line scanner is supposed to work as possibly the Microsoft malware removal tool and others
there are several versions of most malware in the wild and one size remover does not fit all
Superantispyware and spybot also take whacks
reread this post
http://www.bleepingcomputer.com/malware-removal/remove-power-antivirus-2009
Hello Baemon.
I just finished up cleaning Winantiviruspro off of a computer. I seemed to the best luck with running a boot time scan with avast, followed by running MBAM (http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe) in safe mode.
You might try this, and then post a Hijackthis log.
Thanks for the post Mocked- the old one two punch- way to start
BAEMON
AVG does not have an on demand scanner
DO NOT have AVG and AVAST installed at the same time
I’m not going to say not to try an AVG scan
AVG has some fine features
THE EWIDO-AVG ANTIMALWARE engine
THE Anti root-kit
etc
however version 8 is having some well known teething problems
and is not exactly lightweight on resources
AVG has introduced a removal tool- there must be a reason
http://www.grisoft.com/ww.download-tools
so for stable operation
update and run your avg scan
then remove AVG and run the new removal tool
this will remove any quarantine so if you have quarantined anything you might want to rename that file and made a copy of any logs
now make sure you have a copy of the latest avast installer on your hard drive
remove Avast and run the removal tool
Then go to
http://www.pchell.com/virus/uninstallantivir.shtml
go to the bottom of the page and follow instructions for NORTON, PANDA, MCAFEE if they have every been anywhere near your machine- or preinstalled
Then start in the middle of the page
Using the AntiVir Registry Cleaner
If for some reason the normal uninstall does not work, you may have to download AntiVir’s registry cleaner utility to remove all traces of it from the registry and allow you to reinstall it.
- Click on the following link and download the AntiVir Registry Cleaner to your desktop
http://dl.antivir.de/down/windows/registrycleaner.zip
-
Create a folder on your desktop called Antivir and Unzip the file to your desktop
-
Double-click on the file called RegCleaner.exe to run it
-
Since the program is German, you’ll have to click on the button called “keys asulesen” to search the registry for any issues. Then place checkmarks next to the registry entries you wish to delete.
-
Finally, click on the button called “loschen” to delete the keys
-
Restart your computer and try to reinstall your antivirus
Reinstall avast on your nice clean system
Lists of appropriate on line, on demand AV’s are posted elsewhere on this thread
http://www.emsisoft.com/en/software/download/
also has a usb stick cleaner and an online cleaner which may be handy
I may be wrong,as I don’t have this program,but I think you will find it is free,the paid version has realtime protection for prevention,but the free part will still scan and remove malware
you are correct
I would run both MBAM free and rogue remover as they are not always updated concurrently
MS is also supposed to get this as is EWIDO on line scanner
http://fileforum.betanews.com/detail/Microsoft_Malicious_Software_Removal_Tool/1105473378/1
Thanks. I have already run File Assassin, Rogue Remover and Antimalware of Malwarebytes.org and got myself confirmed that there are no malwares in my computer.
see:- http://forum.avast.com/index.php?topic=37787.0
I wrote all thease for the benefit of “jonathan.l” who has originally started this topic, and he has not yet informed the outcome.
You are SO RIGHT
OP is AWOL