You have a security problem pop up! [Solved/Closed]

Anonymous - Nov 17, 2008 at 04:36 PM - Latest reply: tomdragon 7 Posts Thursday June 10, 2010Registration date June 10, 2010 Last seen
- Jun 10, 2010 at 05:59 AM
Hello, I really need help.

I have a new dell inspiron laptop with a full AVG package but this pop up keeps coming up, I have tried hundreds of websites and hundreds of downloads and nothing has worked. Even if I dont click on the pop up it automatically interupts anyhing im doing. Usually it just tells me a threat has been detected and the name of the threat which is exploit rogue spyware scanner (but ive noticed a few different threat names too) then when I click ok I get a message saying undefined and when I click ok the same message comes up agian only with a question mark beside it. While all this is happening a scan is automatically started which then tells me I have a hardware error in both drives C and D and a security threat in shared documents although I dont have any shared documents nor can I find a hardware error in either of these drives. A message then appears telling me harmful and malicious software detected, it lists 3 programs that are of high alert level, they are; ipexewin.exe; audiopitusr.exe; exeiptransfer.exe. (These are all meaningless to me) Im given 2 options in this message remove or ignore and it doesnt matter what I click, I get a file download-security warning asking me to run, save or cancel. If I click save it saves something which I have never been able to find again and if I click run I get an internet explorer warning, so far I havent went any further just incase but ive tried everthing else.

Sometimes it will offer me scans from a package which do no good. Ive downloaded everything recomended and nothing will work, im currently running a malwarebytes antivirus scan which has taken over an hour and is still not finished.

Im really not great with computers and I would appreciate it if I could get any help at all but in simple terms and steps as I really dont understand computer jargin, I really need simple as in go there and click that please. Any help would be greatly appreciated
See more 

67 replies

Best answer
Ambucias 55121 Posts Monday February 1, 2010Registration dateModeratorStatus September 25, 2018 Last seen - Mar 29, 2010 at 01:32 PM
30
Thank you
Hello all of you,

You must kill the processes which the virus is presently running. If you don't it will keep reproducing the files for ever.

To kill the processes:

Download to your desktop and run Rogue Kill:

http://download.bleepingcomputer.com/grinler/rkill.com

You should now see a window that shows all of your desktop icons, including the rkill.com program. Now double-click on the rkill.com in order to automatically attempt to stop any processes associated with Security Tool and other Rogue programs. Please be patient while the program looks for various malware programs and ends them. When it has finished, the black window will automatically close and you can continue with the next step. If you get a message that rkill is an infection, do not be concerned. This message is just a fake warning given by Security Tool when it terminates programs that may potentially remove it. If you run into these infections warnings that close Rkill, a trick is to leave the warning on the screen and then run Rkill again. By not closing the warning, this typically will allow you to bypass the malware trying to protect itself so that rkill can terminate Security Tool . So, please try running Rkill until malware is no longer running.

Please, DO NOT REBOOT your computer or the processes will come back to haunt you!

Download to your desktop Malwarebyte.

http://ccm.net/download/download-105-malwarebytes-anti-malware

Once on your desktop, we must still outwit the virus.

Right click on the MBAM icon and click on rename. Rename it Explorer.exe.

Install Malwarebyte and launch it. From the second tab, update it.

Please, request a FULL system scan which should take more than hour. Once the scan is finish, delete all of item that were found.

Once your computer is clean and working normally just to be on the safe side
*Turn off system restore and wait 30 seconds,
*Turn it back on and create a new restore point.

This way it gets rid of anything bad that might have gotten saved in a restore point and you have a clean restore point to use in the near future if needed.
Do not turn it off until your computer is clean and working normally because you might need to use it if something goes wrong during the clean-up process.

Good luck

Thank you, Ambucias 30

Something to say? Add comment

CCM has helped 1786 users this month

i try to run Rogue Kill but it doesnt open.What should I do?
if its not letting you save to your desktop which you should be doing, i.e I use vipre and everytime this happens you have to diable the protection while you do this process. im sure its the same with others. once you do that then just download antimalware and do a full system scan.
Ambucias 55121 Posts Monday February 1, 2010Registration dateModeratorStatus September 25, 2018 Last seen - Apr 22, 2010 at 05:48 AM
23
Thank you
Download, install and run Malwarebyte which you can find on this site:

http://ccm.net/download/download-105-malwarebyt es-anti-malware

Ensure you make an update.

Please request a FULL system scan, which may take about 90 minutes.

When the scan is completed, delete all items found.
5
Thank you
its a scam nothing will work you have no virus after all you never heard of this company no matter what youll never get rid of it even deleting your I tried everything even calling the manufacturer. click the ? mark above that says help its live on aol.
5
Thank you
hello I need help please my younger sister
downloaded some security tool thing and now it wont go away
and is alson stoping me from removing it or even opening any programes
i have no idea what to do should I just get anew computer ..
3
Thank you
For me, I clicked on a link that said that I needed to download Adobe player 10.37, or something like that. Me, being ever gullible and super sleep deprived, I clicked on it. It then started giving me problems. During that time, I had an anti-virus called Panda, which was working fine until it kept on saying that my protection was low, and that I should restart my computer. It also said that if the problem had not fixed itself, I should uninstall Panda. So...I did. I then went and downloaded AVG free 8.5. After downloading, I thought that everything would be fine, so I started scanning my entire computer. After a very long couple hours, I ended up having 151 warnings (...fjdkfslj O__O; ) and one virus (which was immediately healed).

Then things started to act up...

Alright, so...I use Firefox (which is up-to-date). I never...EVER used Internet Explorer the entire time I had this computer. However, I've been getting pop-ups FROM THE IE WINDOW, giving me weird ads, and/or saying that the site is not found. If I don't click the close button fast enough, the AVG toolbar that had (oddly enough) installed in Internet Explorer, had detected a virus. It told me that I have "Exploit Rogue Spyware Scanner" and wouldn't let me do anything with it. So, after looking very hard for a solution, I found this forum, and I'm hoping that this stupid IE pop-up would stop. I already downloaded Malwarebytes, and is still scanning. I also have my disk defragmenter and AVG scanning. I'm about to go through disk cleanup and see if there is anything that I could do. I want to fix this problem as fast as I can before my internet connection will be cut off in a couple days, since I'm going to move.
2
Thank you
Try this link, it worked for me

http://forums.cnet.com/...
ok I wil try it!
wish me good luck!
fengyuwuzu 2 Posts Thursday March 26, 2009Registration date May 13, 2009 Last seen > omar - Mar 27, 2009 at 09:15 AM
does it work?
fantastic...had the same problem..annoying. I was ready to pay to have someone check it out. Norton didn't detect anything wrong, neither did AdAware, neither did Windows Defender. Then it dawned on me to type in the warning message in Google. I came here, went to CNET, downloaded and ran Malwarebytes..it detected about 5 spyware problems, fixed a few and told me to reboot to fix the rest..it worked!!!! Probably saved me $100 or so if I had taken it to get checked out...thanks!!!
thanks it worked like a charm thank u again
None of your buissness - Mar 9, 2010 at 05:34 PM
2
Thank you
When ever I open every single file it says it is infected with Lsas.Blaster.Keylogger help me I think my computer gone mental or has some kind of disorder?
Ced_King 3667 Posts Sunday March 1, 2009Registration dateContributorStatus May 13, 2017 Last seen - Jun 4, 2009 at 05:29 PM
1
Thank you
Malwarebytes antimalwares is free and better
- Why to pay?

An example of log :

Malwarebytes' Anti-Malware 1.25
Database version: 1088
Windows 5.1.2600 Service Pack 2

19:03:33 27/08/2008
mbam-log-08-27-2008 (19-03-33).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 148481
Time elapsed: 2 hour(s), 14 minute(s), 22 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 16
Files Infected: 39

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\Typelib\{9233c3c0-1472-4091-a505-5580a23bb­4ac} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\rhc3a2j0e91c (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lphc7a2j0e91c (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\smrhc3a2j0e91c (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\Montorgueil (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil\VideosAnal (Dialer) -> Quarantined and deleted successfully.
C:\WINDOWS\sysguard (Rogue.SysGuard) -> Quarantined and deleted successfully.
C:\WINDOWS\sysguard\sounds (Rogue.SysGuard) -> Quarantined and deleted successfully.
C:\WINDOWS\sysguard\warning (Rogue.SysGuard) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine\Autorun (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine\Autorun\HKCU (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine\Autorun\HKLM (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine\BrowserObjects (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine\Packages (Rogue.Multiple) -> Quarantined and deleted successfully.

Files Infected:
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\GLK35.tmp (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\eMule\EvID4226Patch.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil\14.03619 (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil\VideosAnal\VideosAnal.ico (Dialer) -> Quarantined and deleted successfully.
C:\WINDOWS\sysguard\sounds\1.mp3 (Rogue.SysGuard) -> Quarantined and deleted successfully.
C:\WINDOWS\sysguard\sounds\2.mp3 (Rogue.SysGuard) -> Quarantined and deleted successfully.
C:\WINDOWS\sysguard\sounds\3.mp3 (Rogue.SysGuard) -> Quarantined and deleted successfully.
C:\WINDOWS\sysguard\warning\warnpage.html (Rogue.SysGuard) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lphc7a2j0e91c.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\phc7a2j0e91c.bmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pphc7a2j0e91c.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\images54.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\images93.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo39.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photos2007_31.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo_album22.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo_album4.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo_album64.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo_album70.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo_album73.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wcsqmyi_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wcsqmyi_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt15.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt1.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt2.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt3.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt4.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt5.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt6.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt7.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt8.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt9.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.ttA.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.ttB.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.ttC.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.ttD.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.ttE.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.ttF.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Bureau\Repair Your Registry.lnk (Rogue.Link) -> Quarantined and deleted successfully.
1
Thank you
Don't listen to any of this crap!

The pop up you are getting telling you that you have a virus and needs to scan is just a browser pop up. You don't have a virus. If this pop up comes up then close your browser and restart.
Its all a evil scam. lol it even addresses my PC as XP. (most used) must be an old popup that surrvived by so manny people clicking on it.
Sujith Virus specialist - Jul 18, 2009 at 11:53 AM
1
Thank you
HI guys you I had recently made a notice that there are lot virus infections and where in the virus just looks like the antivirus programmes and also there are pop ups that blocks the services quite often... well thats shows that the computer has been infected with the trojen virus

u need to log on to www.jeeth.webs.com

>> click for virus removal tool
>> download malwarebytes antimalware
>> scan the computer and get teh virus removed
>> restart the computer and get teh issue resolved
So far every malwarebytes or anti virus program I have try has not worked. I have exploit scanner type 1056. Any help will be appreicated.
tomdragon 7 Posts Thursday June 10, 2010Registration date June 10, 2010 Last seen - Jun 10, 2010 at 05:59 AM
1
Thank you
Use the block pop up options in your browser.
0
Thank you
THANXS A LOT GUYS... I JUST GOT RID OF MY ROGUE ANTI SPYWARE....
0
Thank you
im facing a similar problem. I have tried kaspersky and avg they are worthless. not even trendmicro can remove it. mines has a "warning security report pop-up on the right bottom corner where the time is.. it changed my background pic to a sign that says "warning dangerous spyware... etc..' anyone have advice??
Ugh I have the exact same problem and Anti-Malware won't download on my computer either!
Help needed!
Refer to the link at the top of the page referencing Malware Bytes. Download. Install. Update. Scan. Restart.

Simple as that - worked for me!
I tried that and even renaming the malware file doesn't allow me to download malware bytes.
66GTO > Slugbug - Jan 7, 2009 at 01:12 AM
any luck Slug
what is the address to rid this mal ware???????

Thanks
volatileacid - Feb 20, 2009 at 07:29 AM
0
Thank you
Windows defender detects this as the VUNDO trojan.
Take my word for it Exploit Rogue comes with AVG 8.0.
0
Thank you
Go through your cookies and in the search, type "antispyware." Delete anything that comes up. That seems to have done it for me.
The answer is Malwarebytes Anti malware. Save the file to your Desktop and just follow the instructions.
I have Nortons and Super Anti spyware and never detected any problems during scan.
thank you Malwarebytes. That Pop up thingy can ruin your day. good Luck to all
0
Thank you
I had the same problem, and spent many hours trying to remove the system security. Finally, I downloaded STOPZILLA, and it cost me around ten dollars for a year. I downloaded and ran the program, ran the scan (I did it twice), and when I rebooted my system, the problem was gone! Hope this helps
0
Thank you
is it due to a spyware infection?i tried anti spywares
0
Thank you
Hi

I m jeeth the virus specialist I have just recieved this mail about the problem you had on your computer where in now you can get rid of this where in all you have to do is just follow these steps and you can get your computer working fine with no problem in future

>> Step 1
*********

Shutdown the computer and restart the computer and dont forget to tap on F8

>> Step 2
*********
using up and down Arrow key select safemode with networking and press enter in advance boot option

>> Step 3
********

now if in windows xp select the user name as Administrator if Windows vista just log in

>> Step 4
********

try to connect to internet

>> Step 5
********
if connected log on to www.jeeth.webs.com

towards to the left hand side you have an option to click on virus removal tool

>> download malwarebytes and trojen remover

>> install them and run them and restart the computer once the scan is complete

please do follow the on screen instructions to make sure you have got the virus out of your computer

>> there you go
>> if you had followed the process correct all teh infections would be out
0
Thank you
A way I fixed my problems were to simply make a new computer account in "control panel" and manually move the fies I wanted to keep from my old account to the new account and delete the old account ,simple.(Make sure you make yourself administrator on the new account.)
0
Thank you
so , I had the same problem and its gone now

what I have done :

1. download : malware's antimalware
2. update en launch it .
3. scan it ( takes an hour )
4. remove al your threats (about some 19 threats )
5. reboot your computer
6. relax , the problem is gone :d

IT WORKS !!!
1 2 3 Next