You have a security problem pop up! [Solved]

Hello all of you,

You must kill the processes which the virus is presently running. If you don't it will keep reproducing the files for ever.

To kill the processes:

Download to your desktop and run Rogue Kill:

http://download.bleepingcomputer.com/grinler/rkill.com

You should now see a window that shows all of your desktop icons, including the rkill.com program. Now double-click on the rkill.com in order to automatically attempt to stop any processes associated with Security Tool and other Rogue programs. Please be patient while the program looks for various malware programs and ends them. When it has finished, the black window will automatically close and you can continue with the next step. If you get a message that rkill is an infection, do not be concerned. This message is just a fake warning given by Security Tool when it terminates programs that may potentially remove it. If you run into these infections warnings that close Rkill, a trick is to leave the warning on the screen and then run Rkill again. By not closing the warning, this typically will allow you to bypass the malware trying to protect itself so that rkill can terminate Security Tool . So, please try running Rkill until malware is no longer running.

Please, DO NOT REBOOT your computer or the processes will come back to haunt you!

Download to your desktop Malwarebyte.

http://en.kioskea.net/telecharger/telecharger-105-malwarebytes-anti-malware

Once on your desktop, we must still outwit the virus.

Right click on the MBAM icon and click on rename. Rename it Explorer.exe.

Install Malwarebyte and launch it. From the second tab, update it.

Please, request a FULL system scan which should take more than hour. Once the scan is finish, delete all of item that were found.

Once your computer is clean and working normally just to be on the safe side
*Turn off system restore and wait 30 seconds,
*Turn it back on and create a new restore point.

This way it gets rid of anything bad that might have gotten saved in a restore point and you have a clean restore point to use in the near future if needed.
Do not turn it off until your computer is clean and working normally because you might need to use it if something goes wrong during the clean-up process.

Good luck

Download, install and run Malwarebyte which you can find on this site:

http://en.kioskea.net/telecharger/telecharger-105-malwarebyt es-anti-malware

Ensure you make an update.

Please request a FULL system scan, which may take about 90 minutes.

When the scan is completed, delete all items found.

its a scam nothing will work you have no virus after all you never heard of this company no matter what youll never get rid of it even deleting your i tried everything even calling the manufacturer. click the ? mark above that says help its live on aol.

hello i need help please my younger sister
downloaded some security tool thing and now it wont go away
and is alson stoping me from removing it or even opening any programes
i have no idea what to do should i just get anew computer ..

For me, I clicked on a link that said that I needed to download Adobe player 10.37, or something like that. Me, being ever gullible and super sleep deprived, I clicked on it. It then started giving me problems. During that time, I had an anti-virus called Panda, which was working fine until it kept on saying that my protection was low, and that I should restart my computer. It also said that if the problem had not fixed itself, I should uninstall Panda. So...I did. I then went and downloaded AVG free 8.5. After downloading, I thought that everything would be fine, so I started scanning my entire computer. After a very long couple hours, I ended up having 151 warnings (...fjdkfslj O__O; ) and one virus (which was immediately healed).

Then things started to act up...

Alright, so...I use Firefox (which is up-to-date). I never...EVER used Internet Explorer the entire time I had this computer. However, I've been getting pop-ups FROM THE IE WINDOW, giving me weird ads, and/or saying that the site is not found. If I don't click the close button fast enough, the AVG toolbar that had (oddly enough) installed in Internet Explorer, had detected a virus. It told me that I have "Exploit Rogue Spyware Scanner" and wouldn't let me do anything with it. So, after looking very hard for a solution, I found this forum, and I'm hoping that this stupid IE pop-up would stop. I already downloaded Malwarebytes, and is still scanning. I also have my disk defragmenter and AVG scanning. I'm about to go through disk cleanup and see if there is anything that I could do. I want to fix this problem as fast as I can before my internet connection will be cut off in a couple days, since I'm going to move.

Try this link, it worked for me

http://forums.cnet.com/...

When ever i open every single file it says it is infected with Lsas.Blaster.Keylogger help me i think my computer gone mental or has some kind of disorder?

Malwarebytes antimalwares is free and better
- Why to pay?

An example of log :

Malwarebytes' Anti-Malware 1.25
Database version: 1088
Windows 5.1.2600 Service Pack 2

19:03:33 27/08/2008
mbam-log-08-27-2008 (19-03-33).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 148481
Time elapsed: 2 hour(s), 14 minute(s), 22 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 16
Files Infected: 39

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\Typelib\{9233c3c0-1472-4091-a505-5580a23bb­4ac} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\rhc3a2j0e91c (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lphc7a2j0e91c (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\smrhc3a2j0e91c (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\Montorgueil (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil\VideosAnal (Dialer) -> Quarantined and deleted successfully.
C:\WINDOWS\sysguard (Rogue.SysGuard) -> Quarantined and deleted successfully.
C:\WINDOWS\sysguard\sounds (Rogue.SysGuard) -> Quarantined and deleted successfully.
C:\WINDOWS\sysguard\warning (Rogue.SysGuard) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine\Autorun (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine\Autorun\HKCU (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine\Autorun\HKLM (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine\BrowserObjects (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine\Packages (Rogue.Multiple) -> Quarantined and deleted successfully.

Files Infected:
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\GLK35.tmp (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\eMule\EvID4226Patch.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil\14.03619 (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil\VideosAnal\VideosAnal.ico (Dialer) -> Quarantined and deleted successfully.
C:\WINDOWS\sysguard\sounds\1.mp3 (Rogue.SysGuard) -> Quarantined and deleted successfully.
C:\WINDOWS\sysguard\sounds\2.mp3 (Rogue.SysGuard) -> Quarantined and deleted successfully.
C:\WINDOWS\sysguard\sounds\3.mp3 (Rogue.SysGuard) -> Quarantined and deleted successfully.
C:\WINDOWS\sysguard\warning\warnpage.html (Rogue.SysGuard) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lphc7a2j0e91c.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\phc7a2j0e91c.bmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pphc7a2j0e91c.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\images54.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\images93.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo39.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photos2007_31.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo_album22.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo_album4.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo_album64.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo_album70.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo_album73.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wcsqmyi_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wcsqmyi_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt15.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt1.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt2.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt3.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt4.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt5.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt6.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt7.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt8.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt9.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.ttA.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.ttB.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.ttC.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.ttD.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.ttE.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.ttF.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Bureau\Repair Your Registry.lnk (Rogue.Link) -> Quarantined and deleted successfully.

Don't listen to any of this crap!

The pop up you are getting telling you that you have a virus and needs to scan is just a browser pop up. You don't have a virus. If this pop up comes up then close your browser and restart.

HI guys you I had recently made a notice that there are lot virus infections and where in the virus just looks like the antivirus programmes and also there are pop ups that blocks the services quite often... well thats shows that the computer has been infected with the trojen virus

u need to log on to www.jeeth.webs.com

>> click for virus removal tool
>> download malwarebytes antimalware
>> scan the computer and get teh virus removed
>> restart the computer and get teh issue resolved

Use the block pop up options in your browser.

THANXS A LOT GUYS... I JUST GOT RID OF MY ROGUE ANTI SPYWARE....

im facing a similar problem. i have tried kaspersky and avg they are worthless. not even trendmicro can remove it. mines has a "warning security report pop-up on the right bottom corner where the time is.. it changed my background pic to a sign that says "warning dangerous spyware... etc..' anyone have advice??

Windows defender detects this as the VUNDO trojan.

Go through your cookies and in the search, type "antispyware." Delete anything that comes up. That seems to have done it for me.

I had the same problem, and spent many hours trying to remove the system security. Finally, I downloaded STOPZILLA, and it cost me around ten dollars for a year. I downloaded and ran the program, ran the scan (I did it twice), and when I rebooted my system, the problem was gone! Hope this helps

Anyone who has a trojan/virus/worm/anything go to this website, download/install the program, pay $24.00 dollars to register it. Best program of its type I have found to date.

http://www.simplysup.com/tremover/details.html

I had the one of the pop-up that said "need to update your antivirus", made the mistake of clicking it and it loaded onto my computer. I tried everything they said on Cnet to remove it but made no progress. I happen to find this program by sheer luck and it got rid of the virus in mere minutes. I recommend you all download this progam.

Here is one virus it recently stoped before it was downloaded on my computer. This is part of the log:

Value Name: PoliceAV
Value Data: C:\Program Files\XPPoliceAntivirus\xppolice.exe
C:\Program Files\XPPoliceAntivirus\xppolice.exe - has a *known* Malware filename: PUS.XPPOLICEANTIVIRUS
C:\Program Files\XPPoliceAntivirus\xppolice.exe - this registry value has been removed [file not found to scan]
C:\Program Files\XPPoliceAntivirus\xppolice.exe - process is either not running or could not be terminated
C:\Program Files\XPPoliceAntivirus\xppolice.exe - unable to take ownership/change permissions
C:\Program Files\XPPoliceAntivirus\xppolice.exe - marked for renaming when the PC is restarted (if it exists)

Value Name: system tool
Value Data: C:\WINDOWS\sysguard.exe
C:\WINDOWS\sysguard.exe
292368 bytes
Created: 5/20/2009 4:10 PM
Modified: 5/20/2009 4:09 PM
Company: ?????????? ??????????
C:\WINDOWS\sysguard.exe appears to contain: TROJAN.AGENT
C:\WINDOWS\sysguard.exe - this registry value has been removed
C:\WINDOWS\sysguard.exe - running process located and terminated
C:\WINDOWS\sysguard.exe - file renamed to: C:\WINDOWS\sysguard.exe.vir

is it due to a spyware infection?i tried anti spywares

Hi

I m jeeth the virus specialist I have just recieved this mail about the problem you had on your computer where in now you can get rid of this where in all you have to do is just follow these steps and you can get your computer working fine with no problem in future

>> Step 1
*********

Shutdown the computer and restart the computer and dont forget to tap on F8

>> Step 2
*********
using up and down Arrow key select safemode with networking and press enter in advance boot option

>> Step 3
********

now if in windows xp select the user name as Administrator if Windows vista just log in

>> Step 4
********

try to connect to internet

>> Step 5
********
if connected log on to www.jeeth.webs.com

towards to the left hand side you have an option to click on virus removal tool

>> download malwarebytes and trojen remover

>> install them and run them and restart the computer once the scan is complete

please do follow the on screen instructions to make sure you have got the virus out of your computer

>> there you go
>> if you had followed the process correct all teh infections would be out

A way i fixed my problems were to simply make a new computer account in "control panel" and manually move the fies i wanted to keep from my old account to the new account and delete the old account ,simple.(Make sure you make yourself administrator on the new account.)