Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HELP. I have a replicating something called AV Security Essentials


  • Please log in to reply
21 replies to this topic

#1 TryingtoKeepUp

TryingtoKeepUp

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:38 AM

Posted 30 June 2014 - 11:22 AM

After trying Malwarebytes, AVG, Avast, and now a full trial version of Norton 360 (They did a complete scan and fixes yesterday by remote with their Supervisor, it's still there. Has frozen up Programs and Features as well.  Do not know what to do and a bit nervous about buying or using a "Free" removal service from the net.  Any Lifeboats out there?


Edited by Queen-Evie, 30 June 2014 - 12:14 PM.
moved from Windows 7 to Am I Infected?


BC AdBot (Login to Remove)

 


#2 wpgwpg

wpgwpg

  • Members
  • 1,149 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:US of A
  • Local time:07:38 AM

Posted 30 June 2014 - 11:37 AM

 I hope you don't have more than one antivirus program installed at a time, since that can cause unpredictable bad results.  To help with the problem determination,please download and run Speccy.  After running it click File -> Publish snapshot... Copy and paste the link it gives you into your next post.

 Then download minitoolbox and run it with the following boxes checked:

 
List last 10 Event Viewer Errors
 
List Installed Programs
 
List Users, Partitions, and Memory size
 
List Minidump files
 
Copy the resulting log and paste into a reply here.

Everyone with a computer should back his system up to an external hard drive regularly.  :thumbsup:

#3 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,391 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:04:38 AM

Posted 30 June 2014 - 11:38 AM

Welcome to Bleeping Computer.
 
Please run the following.  When you post the topic, copy the log and paste it in your topic.  Do not use a host website to post a link for a download as I will not use it.


Please run the ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

 

Download and run Emsisoft.

 

 

Please download AdwCleaner and run it.
 
An image like the one below will open, click on Scan.
 
adwcleaner11_zps48314883.png
 
Once the search is complete a list of the pending items will be displayed.  If you see any which you do not want removed, remove the check mark next to it.  
 
Click on Clean to remove the selected items.  
 
You will receive a message telling you that all programs will be close so that the infections can be removed.  Click on Ok.
 
When the cleaning process is complete a log of what was removed will be presented.  Please copy and the paste this log in your next post.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#4 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,391 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:04:38 AM

Posted 30 June 2014 - 11:40 AM

If you still have any of the other antivirus programs installed remove all but one.

 

IMPORTANT NOTE: Using more than one anti-virus program is not advisable. Why? The primary concern with doing so is due to Windows resource management and significant conflicts that can arise especially when they are running in real-time protection mode simultaneously. Even if one of them is disabled for use as a stand-alone on demand scanner, it can affect the other and cause conflicts. Anti-virus software components insert themselves deep into the operating systems core where they install kernel mode drivers that load at boot-up regardless of whether real-time protection is enabled or not. Thus, using multiple anti-virus solutions can result in kernel mode conflicts causing system instability, catastrophic crashes, slow performance and waste vital system resources. When actively running in the background while connected to the Internet, each anti-virus may try to update their definition databases at the same time. As the programs compete for resources required to download the necessary files this often can result in sluggish system performance or unresponsive behavior.
 
Credit for this information goes to quietman7.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#5 TryingtoKeepUp

TryingtoKeepUp
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:38 AM

Posted 30 June 2014 - 12:48 PM

To dc3: Thanks, the scan is in process.  To the others for responding thanks as well, Norton Rep didn't tell me or even suggest to turn off Microsoft security essentials.  I have tried to eliminate this hijacker but it self replicates and has even locked up my programs and features tool in the control box.  I am presently in the System Configuration and turning off a couple of devices that apparently allow remote access or viewing, which is frightening to say the least.  This explains why many many phone calls have been showing up either as hangups or solicitations, with very little help from AT & T.  Thanks to all.



#6 TryingtoKeepUp

TryingtoKeepUp
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:38 AM

Posted 30 June 2014 - 01:36 PM

Scan only 21% done. And again, thanks to all, have spent two days trying to kill this thing without any success. Fortunately fishing and hunting skills are better! Will post results when finished. This is quit a pesky little problem, even when I'm on Yahoo there is now a relatively new beige box up at the top of the browser that says, you are using an unsupported browser, please click "Here" to update to a supported browser. Never seen that before, in safe mode surfing or not.

#7 TryingtoKeepUp

TryingtoKeepUp
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:38 AM

Posted 01 July 2014 - 01:18 PM

Ok, I tried after saving ESET Scan Log to documents and then transferring to here, but it apparently didn't work.  I looked, it's there, and I copied and pasted it to this particular message, but I don't see it here.  In any case, when I go to Programs and Feature in the Control Panel, I click on Malwarebytes to uninstall, but I keep getting "Please wait until the current program in finished uninstalling or being changed".  In other words, it's locked up. I am the administrator, but this virus or what ever it is has apparently blocked me from uninstalling anything. Like, Norton, AVG, Malwarebytes and Microsoft Security Essentials as well. I can't uninstall anything.  However, I was able to turn off NORTON, MSE, AVG, and Malwarebytes.  EmsisoftEmergencyKit.exe is presently 74% downloaded, and after going through it's process's I will go through the Adwcleaner as well.  Thanks for all the replies, it's like having good neighbors, maybe better!



#8 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,391 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:04:38 AM

Posted 01 July 2014 - 01:34 PM

You don't need to uninstall Malwarebytes, this is a antimalware, not an antivirus.

 

Have you tried uninstalling the other antivirus programs while in Safe Mode?


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#9 dlaxtn22

dlaxtn22

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:38 AM

Posted 01 July 2014 - 01:46 PM

Have you tried the windows all in one repair tool it can reset group policies set by viruses and it can be downloaded free from this site in the downloads section.   It appears your problems are due to policies et locking the computer down also if there is another profile on the computer try logging on to it as long as it has admin rights usually being able to work from another windows profile to start cleaning the infection can help because alot of these viruses are profile specific but can spread other wise regards.



#10 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,391 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:04:38 AM

Posted 01 July 2014 - 02:19 PM

@dlaxtn22

 

They need to uninstall all but one of the antivirus programs, this is a priority.

 

IMPORTANT NOTE: Using more than one anti-virus program is not advisable. Why? The primary concern with doing so is due to Windows resource management and significant conflicts that can arise especially when they are running in real-time protection mode simultaneously. Even if one of them is disabled for use as a stand-alone on demand scanner, it can affect the other and cause conflicts. Anti-virus software components insert themselves deep into the operating systems core where they install kernel mode drivers that load at boot-up regardless of whether real-time protection is enabled or not. Thus, using multiple anti-virus solutions can result in kernel mode conflicts causing system instability, catastrophic crashes, slow performance and waste vital system resources. When actively running in the background while connected to the Internet, each anti-virus may try to update their definition databases at the same time. As the programs compete for resources required to download the necessary files this often can result in sluggish system performance or unresponsive behavior.
 
Credit for this information goes to quietman7.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#11 dlaxtn22

dlaxtn22

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:38 AM

Posted 01 July 2014 - 02:38 PM

yes I agree there should only be one active scanning antivirus multiple live antivirus software cause major problems besides that don't know if this is true but thought they were ending support for security essentials anyone else heard that?  I saw that they mentioned having that installed.



#12 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,391 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:04:38 AM

Posted 01 July 2014 - 03:15 PM

Microsoft stopped allowing downloads of Secruity Essentials for XP and stopped support on 2/14/2014.

 

Personally... I would get rid of all of the antivrus programs on this computer and install Avast, even the free version.


Edited by dc3, 01 July 2014 - 03:16 PM.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#13 TryingtoKeepUp

TryingtoKeepUp
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:38 AM

Posted 11 July 2014 - 06:59 AM

OK.  This is where I stand.  Nothing has removed this AV Security essentials.  I am now at the place where my computer will not boot up in anything but, SafeMode-Without Networking.  Even in Safemode, I can not make any changes, when I attempt to, even with msconfig, when it rebootes, it's again back in safemode without any network.  This is a Terabyte HD, I have had it partioned by Ubuntu when I Downloaded their System that automatically partitions my elected space to that which is I think about 30% to Ubuntu. This partioning and working very smoothly setup has not been an issue a single time when choosing which system to boot in.

In that I can not even access my documents, many many important ones, or pics, 15,000+ most in 8-Meg, I seem to be between a rock and a hardplace. SYSTEM Restores points can be chosen, and I have done so with every single one available, all restarting back to the same msg, None of your imformation has been changed, system restore point could not bla bla bla.   I can fall back on System RESET (might be the wrong term) but I lose all documents and pics.  Lastly, if I choose this last option, who is to say the Problem is not still embedded some where?   If I could get this thing to boot up in a mode with networking, maybe I could resolve the issue at hand, so,,, if I can,,,, get to msconfig in this safemode, is there maybe something I should do to restore system settings so I can clean this pesky virus  or what ever it is.  Karma is going to come back and *&*$&#SLAP someone, I don't know who or where, but man they have it coming for doing this kind of voodoo to people.  To those that have responded again I thank you.  To answer your questions, I do not have any other protections running except ESET Smart Security.  I am presently responding on an XP system also protected by ESET Smart Security.  Regards to all.



#14 TryingtoKeepUp

TryingtoKeepUp
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:38 AM

Posted 11 July 2014 - 07:05 AM

To the Avast or AVG, don't recall, but one of them is Russian, and one of them just got hacked last week.  I am not too sure Either, is an answer, but I am not an expert.  Again to the multi running protections, a few have been deleted, and the remaining that I cound't delete I turned off., but I'm still at the forementioned state.  Again thanks.



#15 JohnC_21

JohnC_21

  • Members
  • 23,207 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:38 AM

Posted 11 July 2014 - 09:45 AM

I would do the following. Download Kaspersky Rescue Disk. This is a linux based disk so it does not care anything about Windows. The disk has a file manager built in so copy any of your important files to a external drive first using the File Manager. Then do a virus scan. It easiest to connect the computer via Ethernet as Kaspersky will auto update. After you download the iso burn it to a disk using Windows 7 by right clicking > burn disk image. If you are using XP, then you can use a program like Imgburn or Isoburner. If using Imgburn make sure you opt out of any optional programs. Imgburn does a very good job of burning iso files. If you want to use a bootable USB flash drive, see this guide.

 

I would run the WindowsUnlocker Option before doing the virus scan and after you have copied your critical files. WindowsUnlocker will look for anything it can find in the registry.

 

Kaspersky User Guide

 

http://www.malwarehelp.org/remove-malware-using-kaspersky-rescue-disk-2011.html

 

Neither avast or AVG are russian. They are both Czech companies






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users