Ask a question Report

You have a security problem pop up! [Solved]

Anonymous - Latest answer on Jun 10, 2010 05:59AM
Hello, i really need help.
I have a new dell inspiron laptop with a full AVG package but this pop up keeps coming up, i have tried hundreds of websites and hundreds of downloads and nothing has worked. Even if i dont click on the pop up it automatically interupts anyhing im doing. Usually it just tells me a threat has been detected and the name of the threat which is exploit rogue spyware scanner (but ive noticed a few different threat names too) then when i click ok i get a message saying undefined and when i click ok the same message comes up agian only with a question mark beside it. While all this is happening a scan is automatically started which then tells me i have a hardware error in both drives C and D and a security threat in shared documents although i dont have any shared documents nor can i find a hardware error in either of these drives. A message then appears telling me harmful and malicious software detected, it lists 3 programs that are of high alert level, they are; ipexewin.exe; audiopitusr.exe; exeiptransfer.exe. (These are all meaningless to me) Im given 2 options in this message remove or ignore and it doesnt matter what i click, i get a file download-security warning asking me to run, save or cancel. If i click save it saves something which i have never been able to find again and if i click run i get an internet explorer warning, so far i havent went any further just incase but ive tried everthing else.
Sometimes it will offer me scans from a package which do no good. Ive downloaded everything recomended and nothing will work, im currently running a malwarebytes antivirus scan which has taken over an hour and is still not finished.
Im really not great with computers and i would appreciate it if i could get any help at all but in simple terms and steps as i really dont understand computer jargin, i really need simple as in go there and click that please. Any help would be greatly appreciated
Read more 
Answer
+32
moins plus
Hello all of you,

You must kill the processes which the virus is presently running. If you don't it will keep reproducing the files for ever.

To kill the processes:

Download to your desktop and run Rogue Kill:

http://download.bleepingcomputer.com/grinler/rkill.com

You should now see a window that shows all of your desktop icons, including the rkill.com program. Now double-click on the rkill.com in order to automatically attempt to stop any processes associated with Security Tool and other Rogue programs. Please be patient while the program looks for various malware programs and ends them. When it has finished, the black window will automatically close and you can continue with the next step. If you get a message that rkill is an infection, do not be concerned. This message is just a fake warning given by Security Tool when it terminates programs that may potentially remove it. If you run into these infections warnings that close Rkill, a trick is to leave the warning on the screen and then run Rkill again. By not closing the warning, this typically will allow you to bypass the malware trying to protect itself so that rkill can terminate Security Tool . So, please try running Rkill until malware is no longer running.

Please, DO NOT REBOOT your computer or the processes will come back to haunt you!

Download to your desktop Malwarebyte.

http://en.kioskea.net/telecharger/telecharger-105-malwarebytes-anti-malware

Once on your desktop, we must still outwit the virus.

Right click on the MBAM icon and click on rename. Rename it Explorer.exe.

Install Malwarebyte and launch it. From the second tab, update it.

Please, request a FULL system scan which should take more than hour. Once the scan is finish, delete all of item that were found.

Once your computer is clean and working normally just to be on the safe side
*Turn off system restore and wait 30 seconds,
*Turn it back on and create a new restore point.

This way it gets rid of anything bad that might have gotten saved in a restore point and you have a clean restore point to use in the near future if needed.
Do not turn it off until your computer is clean and working normally because you might need to use it if something goes wrong during the clean-up process.

Good luck
kope- Apr 29, 2010 11:00PM
i try to run Rogue Kill but it doesnt open.What should i do?
Reply
levi...- Jun 10, 2010 12:40AM
if its not letting you save to your desktop which you should be doing, i.e i use vipre and everytime this happens you have to diable the protection while you do this process. im sure its the same with others. once you do that then just download antimalware and do a full system scan.
Reply
Add comment
Answer
+22
moins plus
Download, install and run Malwarebyte which you can find on this site:

http://en.kioskea.net/telecharger/telecharger-105-malwarebyt es-anti-malware

Ensure you make an update.

Please request a FULL system scan, which may take about 90 minutes.

When the scan is completed, delete all items found.
Add comment
Answer
+5
moins plus
its a scam nothing will work you have no virus after all you never heard of this company no matter what youll never get rid of it even deleting your i tried everything even calling the manufacturer. click the ? mark above that says help its live on aol.
Add comment
Answer
+5
moins plus
hello i need help please my younger sister
downloaded some security tool thing and now it wont go away
and is alson stoping me from removing it or even opening any programes
i have no idea what to do should i just get anew computer ..
Add comment
Answer
+3
moins plus
For me, I clicked on a link that said that I needed to download Adobe player 10.37, or something like that. Me, being ever gullible and super sleep deprived, I clicked on it. It then started giving me problems. During that time, I had an anti-virus called Panda, which was working fine until it kept on saying that my protection was low, and that I should restart my computer. It also said that if the problem had not fixed itself, I should uninstall Panda. So...I did. I then went and downloaded AVG free 8.5. After downloading, I thought that everything would be fine, so I started scanning my entire computer. After a very long couple hours, I ended up having 151 warnings (...fjdkfslj O__O; ) and one virus (which was immediately healed).

Then things started to act up...

Alright, so...I use Firefox (which is up-to-date). I never...EVER used Internet Explorer the entire time I had this computer. However, I've been getting pop-ups FROM THE IE WINDOW, giving me weird ads, and/or saying that the site is not found. If I don't click the close button fast enough, the AVG toolbar that had (oddly enough) installed in Internet Explorer, had detected a virus. It told me that I have "Exploit Rogue Spyware Scanner" and wouldn't let me do anything with it. So, after looking very hard for a solution, I found this forum, and I'm hoping that this stupid IE pop-up would stop. I already downloaded Malwarebytes, and is still scanning. I also have my disk defragmenter and AVG scanning. I'm about to go through disk cleanup and see if there is anything that I could do. I want to fix this problem as fast as I can before my internet connection will be cut off in a couple days, since I'm going to move.
Add comment
Answer
+2
moins plus
omar- Dec 15, 2008 02:56AM
ok I wil try it!
wish me good luck!
Reply
fengyuwuzu 6Posts Thursday March 26, 2009Registration date May 13, 2009Last seen - Mar 27, 2009 09:15AM
does it work?
Reply
bean- Jan 10, 2009 01:15AM
Thank you!!!
Reply
Ron- Apr 7, 2009 11:41AM
fantastic...had the same problem..annoying. I was ready to pay to have someone check it out. Norton didn't detect anything wrong, neither did AdAware, neither did Windows Defender. Then it dawned on me to type in the warning message in Google. I came here, went to CNET, downloaded and ran Malwarebytes..it detected about 5 spyware problems, fixed a few and told me to reboot to fix the rest..it worked!!!! Probably saved me $100 or so if I had taken it to get checked out...thanks!!!
Reply
quincy- Apr 1, 2010 06:34PM
thanks it worked like a charm thank u again
Reply
Add comment
Answer
+2
moins plus
When ever i open every single file it says it is infected with Lsas.Blaster.Keylogger help me i think my computer gone mental or has some kind of disorder?
Add comment
Answer
+1
moins plus
Malwarebytes antimalwares is free and better
- Why to pay?

An example of log :

Malwarebytes' Anti-Malware 1.25
Database version: 1088
Windows 5.1.2600 Service Pack 2

19:03:33 27/08/2008
mbam-log-08-27-2008 (19-03-33).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 148481
Time elapsed: 2 hour(s), 14 minute(s), 22 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 16
Files Infected: 39

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\Typelib\{9233c3c0-1472-4091-a505-5580a23bb­4ac} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\rhc3a2j0e91c (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lphc7a2j0e91c (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\smrhc3a2j0e91c (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\Montorgueil (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil\VideosAnal (Dialer) -> Quarantined and deleted successfully.
C:\WINDOWS\sysguard (Rogue.SysGuard) -> Quarantined and deleted successfully.
C:\WINDOWS\sysguard\sounds (Rogue.SysGuard) -> Quarantined and deleted successfully.
C:\WINDOWS\sysguard\warning (Rogue.SysGuard) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine\Autorun (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine\Autorun\HKCU (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine\Autorun\HKLM (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine\BrowserObjects (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine\Packages (Rogue.Multiple) -> Quarantined and deleted successfully.

Files Infected:
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\GLK35.tmp (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\eMule\EvID4226Patch.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil\14.03619 (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil\VideosAnal\VideosAnal.ico (Dialer) -> Quarantined and deleted successfully.
C:\WINDOWS\sysguard\sounds\1.mp3 (Rogue.SysGuard) -> Quarantined and deleted successfully.
C:\WINDOWS\sysguard\sounds\2.mp3 (Rogue.SysGuard) -> Quarantined and deleted successfully.
C:\WINDOWS\sysguard\sounds\3.mp3 (Rogue.SysGuard) -> Quarantined and deleted successfully.
C:\WINDOWS\sysguard\warning\warnpage.html (Rogue.SysGuard) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lphc7a2j0e91c.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\phc7a2j0e91c.bmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pphc7a2j0e91c.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\images54.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\images93.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo39.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photos2007_31.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo_album22.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo_album4.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo_album64.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo_album70.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo_album73.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wcsqmyi_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wcsqmyi_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt15.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt1.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt2.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt3.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt4.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt5.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt6.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt7.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt8.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt9.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.ttA.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.ttB.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.ttC.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.ttD.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.ttE.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.ttF.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Bureau\Repair Your Registry.lnk (Rogue.Link) -> Quarantined and deleted successfully.
Add comment
Answer
+1
moins plus
Don't listen to any of this crap!

The pop up you are getting telling you that you have a virus and needs to scan is just a browser pop up. You don't have a virus. If this pop up comes up then close your browser and restart.
smoken- Apr 9, 2010 05:01AM
Its all a evil scam. lol it even addresses my PC as XP. (most used) must be an old popup that surrvived by so manny people clicking on it.
Reply
Add comment
Answer
+1
moins plus
HI guys you I had recently made a notice that there are lot virus infections and where in the virus just looks like the antivirus programmes and also there are pop ups that blocks the services quite often... well thats shows that the computer has been infected with the trojen virus

u need to log on to www.jeeth.webs.com

>> click for virus removal tool
>> download malwarebytes antimalware
>> scan the computer and get teh virus removed
>> restart the computer and get teh issue resolved
Lady C- Apr 20, 2010 09:06PM
So far every malwarebytes or anti virus program I have try has not worked. I have exploit scanner type 1056. Any help will be appreicated.
Reply
Add comment
Answer
+1
moins plus
Use the block pop up options in your browser.
Add comment
Answer
+0
moins plus
THANXS A LOT GUYS... I JUST GOT RID OF MY ROGUE ANTI SPYWARE....
Add comment
Answer
+0
moins plus
im facing a similar problem. i have tried kaspersky and avg they are worthless. not even trendmicro can remove it. mines has a "warning security report pop-up on the right bottom corner where the time is.. it changed my background pic to a sign that says "warning dangerous spyware... etc..' anyone have advice??
Slugbug- Jan 6, 2009 10:09PM
Ugh I have the exact same problem and Anti-Malware won't download on my computer either!
Help needed!
Reply
Bob JC - Jan 6, 2009 10:09PM
Refer to the link at the top of the page referencing Malware Bytes. Download. Install. Update. Scan. Restart.

Simple as that - worked for me!
Reply
Slugbug- Jan 6, 2009 10:35PM
I tried that and even renaming the malware file doesn't allow me to download malware bytes.
Reply
66GTO- Jan 7, 2009 01:12AM
any luck Slug
Reply
heli Bob - Jan 10, 2009 10:57AM
what is the address to rid this mal ware???????

Thanks
Reply
Add comment
Answer
+0
moins plus
Windows defender detects this as the VUNDO trojan.
jd- Feb 27, 2009 09:01PM
Take my word for it Exploit Rogue comes with AVG 8.0.
Reply
Add comment
Answer
+0
moins plus
Go through your cookies and in the search, type "antispyware." Delete anything that comes up. That seems to have done it for me.
lucky- Mar 29, 2009 10:16AM
The answer is Malwarebytes Anti malware. Save the file to your Desktop and just follow the instructions.
I have Nortons and Super Anti spyware and never detected any problems during scan.
thank you Malwarebytes. That Pop up thingy can ruin your day. good Luck to all
Reply
Add comment
Answer
+0
moins plus
I had the same problem, and spent many hours trying to remove the system security. Finally, I downloaded STOPZILLA, and it cost me around ten dollars for a year. I downloaded and ran the program, ran the scan (I did it twice), and when I rebooted my system, the problem was gone! Hope this helps
Add comment
Answer
+0
moins plus
Anyone who has a trojan/virus/worm/anything go to this website, download/install the program, pay $24.00 dollars to register it. Best program of its type I have found to date.

http://www.simplysup.com/tremover/details.html

I had the one of the pop-up that said "need to update your antivirus", made the mistake of clicking it and it loaded onto my computer. I tried everything they said on Cnet to remove it but made no progress. I happen to find this program by sheer luck and it got rid of the virus in mere minutes. I recommend you all download this progam.

Here is one virus it recently stoped before it was downloaded on my computer. This is part of the log:

Value Name: PoliceAV
Value Data: C:\Program Files\XPPoliceAntivirus\xppolice.exe
C:\Program Files\XPPoliceAntivirus\xppolice.exe - has a *known* Malware filename: PUS.XPPOLICEANTIVIRUS
C:\Program Files\XPPoliceAntivirus\xppolice.exe - this registry value has been removed [file not found to scan]
C:\Program Files\XPPoliceAntivirus\xppolice.exe - process is either not running or could not be terminated
C:\Program Files\XPPoliceAntivirus\xppolice.exe - unable to take ownership/change permissions
C:\Program Files\XPPoliceAntivirus\xppolice.exe - marked for renaming when the PC is restarted (if it exists)

Value Name: system tool
Value Data: C:\WINDOWS\sysguard.exe
C:\WINDOWS\sysguard.exe
292368 bytes
Created: 5/20/2009 4:10 PM
Modified: 5/20/2009 4:09 PM
Company: ?????????? ??????????
C:\WINDOWS\sysguard.exe appears to contain: TROJAN.AGENT
C:\WINDOWS\sysguard.exe - this registry value has been removed
C:\WINDOWS\sysguard.exe - running process located and terminated
C:\WINDOWS\sysguard.exe - file renamed to: C:\WINDOWS\sysguard.exe.vir
Add comment
Answer
+0
moins plus
is it due to a spyware infection?i tried anti spywares
Add comment
Answer
+0
moins plus
Hi

I m jeeth the virus specialist I have just recieved this mail about the problem you had on your computer where in now you can get rid of this where in all you have to do is just follow these steps and you can get your computer working fine with no problem in future

>> Step 1
*********

Shutdown the computer and restart the computer and dont forget to tap on F8

>> Step 2
*********
using up and down Arrow key select safemode with networking and press enter in advance boot option

>> Step 3
********

now if in windows xp select the user name as Administrator if Windows vista just log in

>> Step 4
********

try to connect to internet

>> Step 5
********
if connected log on to www.jeeth.webs.com

towards to the left hand side you have an option to click on virus removal tool

>> download malwarebytes and trojen remover

>> install them and run them and restart the computer once the scan is complete

please do follow the on screen instructions to make sure you have got the virus out of your computer

>> there you go
>> if you had followed the process correct all teh infections would be out
Add comment
Answer
+0
moins plus
A way i fixed my problems were to simply make a new computer account in "control panel" and manually move the fies i wanted to keep from my old account to the new account and delete the old account ,simple.(Make sure you make yourself administrator on the new account.)
Add comment
1 2 3 Next
This document entitled « You have a security problem pop up! » from Kioskea (en.kioskea.net) is made available under the Creative Commons license. You can copy, modify copies of this page, under the conditions stipulated by the license, as this note appears clearly.

Not a member yet?

sign-up, it takes less than a minute and it's free!

Members get more answers than anonymous users.

Being a member gives you detailed monitoring of your requests.

Being a member gives you additional options.