You have a security problem pop up!

Solved/Closed
Anonymous - Nov 17, 2008 at 04:36 PM
tomdragon Posts 7 Registration date Thursday June 10, 2010 Status Member Last seen June 10, 2010 - Jun 10, 2010 at 05:59 AM
Hello, I really need help.

I have a new dell inspiron laptop with a full AVG package but this pop up keeps coming up, I have tried hundreds of websites and hundreds of downloads and nothing has worked. Even if I dont click on the pop up it automatically interupts anyhing im doing. Usually it just tells me a threat has been detected and the name of the threat which is exploit rogue spyware scanner (but ive noticed a few different threat names too) then when I click ok I get a message saying undefined and when I click ok the same message comes up agian only with a question mark beside it. While all this is happening a scan is automatically started which then tells me I have a hardware error in both drives C and D and a security threat in shared documents although I dont have any shared documents nor can I find a hardware error in either of these drives. A message then appears telling me harmful and malicious software detected, it lists 3 programs that are of high alert level, they are; ipexewin.exe; audiopitusr.exe; exeiptransfer.exe. (These are all meaningless to me) Im given 2 options in this message remove or ignore and it doesnt matter what I click, I get a file download-security warning asking me to run, save or cancel. If I click save it saves something which I have never been able to find again and if I click run I get an internet explorer warning, so far I havent went any further just incase but ive tried everthing else.

Sometimes it will offer me scans from a package which do no good. Ive downloaded everything recomended and nothing will work, im currently running a malwarebytes antivirus scan which has taken over an hour and is still not finished.

Im really not great with computers and I would appreciate it if I could get any help at all but in simple terms and steps as I really dont understand computer jargin, I really need simple as in go there and click that please. Any help would be greatly appreciated
Related:

46 responses

Ambucias Posts 47310 Registration date Monday February 1, 2010 Status Moderator Last seen February 15, 2023 11,164
Mar 29, 2010 at 01:32 PM
Hello all of you,

You must kill the processes which the virus is presently running. If you don't it will keep reproducing the files for ever.

To kill the processes:

Download to your desktop and run Rogue Kill:

https://download.bleepingcomputer.com/grinler/rkill.com

You should now see a window that shows all of your desktop icons, including the rkill.com program. Now double-click on the rkill.com in order to automatically attempt to stop any processes associated with Security Tool and other Rogue programs. Please be patient while the program looks for various malware programs and ends them. When it has finished, the black window will automatically close and you can continue with the next step. If you get a message that rkill is an infection, do not be concerned. This message is just a fake warning given by Security Tool when it terminates programs that may potentially remove it. If you run into these infections warnings that close Rkill, a trick is to leave the warning on the screen and then run Rkill again. By not closing the warning, this typically will allow you to bypass the malware trying to protect itself so that rkill can terminate Security Tool . So, please try running Rkill until malware is no longer running.

Please, DO NOT REBOOT your computer or the processes will come back to haunt you!

Download to your desktop Malwarebyte.

https://ccm.net/downloads/security-and-maintenance/4621-malwarebytes-anti-malware/

Once on your desktop, we must still outwit the virus.

Right click on the MBAM icon and click on rename. Rename it Explorer.exe.

Install Malwarebyte and launch it. From the second tab, update it.

Please, request a FULL system scan which should take more than hour. Once the scan is finish, delete all of item that were found.

Once your computer is clean and working normally just to be on the safe side
*Turn off system restore and wait 30 seconds,
*Turn it back on and create a new restore point.

This way it gets rid of anything bad that might have gotten saved in a restore point and you have a clean restore point to use in the near future if needed.
Do not turn it off until your computer is clean and working normally because you might need to use it if something goes wrong during the clean-up process.

Good luck
30
i try to run Rogue Kill but it doesnt open.What should I do?
0
if its not letting you save to your desktop which you should be doing, i.e I use vipre and everytime this happens you have to diable the protection while you do this process. im sure its the same with others. once you do that then just download antimalware and do a full system scan.
0
Ambucias Posts 47310 Registration date Monday February 1, 2010 Status Moderator Last seen February 15, 2023 11,164
Apr 22, 2010 at 05:48 AM
Download, install and run Malwarebyte which you can find on this site:

https://ccm.net/downloads/security-and-maintenance/4621-malwarebytes-anti-malware/ es-anti-malware

Ensure you make an update.

Please request a FULL system scan, which may take about 90 minutes.

When the scan is completed, delete all items found.
23
its a scam nothing will work you have no virus after all you never heard of this company no matter what youll never get rid of it even deleting your I tried everything even calling the manufacturer. click the ? mark above that says help its live on aol.
5
hello I need help please my younger sister
downloaded some security tool thing and now it wont go away
and is alson stoping me from removing it or even opening any programes
i have no idea what to do should I just get anew computer ..
5

Didn't find the answer you are looking for?

Ask a question
For me, I clicked on a link that said that I needed to download Adobe player 10.37, or something like that. Me, being ever gullible and super sleep deprived, I clicked on it. It then started giving me problems. During that time, I had an anti-virus called Panda, which was working fine until it kept on saying that my protection was low, and that I should restart my computer. It also said that if the problem had not fixed itself, I should uninstall Panda. So...I did. I then went and downloaded AVG free 8.5. After downloading, I thought that everything would be fine, so I started scanning my entire computer. After a very long couple hours, I ended up having 151 warnings (...fjdkfslj O__O; ) and one virus (which was immediately healed).

Then things started to act up...

Alright, so...I use Firefox (which is up-to-date). I never...EVER used Internet Explorer the entire time I had this computer. However, I've been getting pop-ups FROM THE IE WINDOW, giving me weird ads, and/or saying that the site is not found. If I don't click the close button fast enough, the AVG toolbar that had (oddly enough) installed in Internet Explorer, had detected a virus. It told me that I have "Exploit Rogue Spyware Scanner" and wouldn't let me do anything with it. So, after looking very hard for a solution, I found this forum, and I'm hoping that this stupid IE pop-up would stop. I already downloaded Malwarebytes, and is still scanning. I also have my disk defragmenter and AVG scanning. I'm about to go through disk cleanup and see if there is anything that I could do. I want to fix this problem as fast as I can before my internet connection will be cut off in a couple days, since I'm going to move.
3
Try this link, it worked for me

http://forums.cnet.com/5208-6122_102-0.html?forumID=44&threadID=307711&messageID=2852480
2
ok I wil try it!
wish me good luck!
0
fengyuwuzu Posts 2 Registration date Thursday March 26, 2009 Status Member Last seen May 6, 2009 > omar
Mar 27, 2009 at 09:15 AM
does it work?
0
Thank you!!!
0
fantastic...had the same problem..annoying. I was ready to pay to have someone check it out. Norton didn't detect anything wrong, neither did AdAware, neither did Windows Defender. Then it dawned on me to type in the warning message in Google. I came here, went to CNET, downloaded and ran Malwarebytes..it detected about 5 spyware problems, fixed a few and told me to reboot to fix the rest..it worked!!!! Probably saved me $100 or so if I had taken it to get checked out...thanks!!!
0
thanks it worked like a charm thank u again
0
None of your buissness
Mar 9, 2010 at 05:34 PM
When ever I open every single file it says it is infected with Lsas.Blaster.Keylogger help me I think my computer gone mental or has some kind of disorder?
2
Ced_King Posts 3519 Registration date Sunday March 1, 2009 Status Contributor Last seen October 10, 2016 1
Jun 4, 2009 at 05:29 PM
Malwarebytes antimalwares is free and better
- Why to pay?

An example of log :

Malwarebytes' Anti-Malware 1.25
Database version: 1088
Windows 5.1.2600 Service Pack 2

19:03:33 27/08/2008
mbam-log-08-27-2008 (19-03-33).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 148481
Time elapsed: 2 hour(s), 14 minute(s), 22 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 16
Files Infected: 39

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\Typelib\{9233c3c0-1472-4091-a505-5580a23bb­4ac} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\rhc3a2j0e91c (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lphc7a2j0e91c (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\smrhc3a2j0e91c (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\Montorgueil (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil\VideosAnal (Dialer) -> Quarantined and deleted successfully.
C:\WINDOWS\sysguard (Rogue.SysGuard) -> Quarantined and deleted successfully.
C:\WINDOWS\sysguard\sounds (Rogue.SysGuard) -> Quarantined and deleted successfully.
C:\WINDOWS\sysguard\warning (Rogue.SysGuard) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine\Autorun (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine\Autorun\HKCU (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine\Autorun\HKLM (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine\BrowserObjects (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Application Data\rhc3a2j0e91c\Quarantine\Packages (Rogue.Multiple) -> Quarantined and deleted successfully.

Files Infected:
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\GLK35.tmp (Rogue.EvidenceEliminator) -> Quarantined and deleted successfully.
C:\Program Files\eMule\EvID4226Patch.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil\14.03619 (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil\VideosAnal\VideosAnal.ico (Dialer) -> Quarantined and deleted successfully.
C:\WINDOWS\sysguard\sounds\1.mp3 (Rogue.SysGuard) -> Quarantined and deleted successfully.
C:\WINDOWS\sysguard\sounds\2.mp3 (Rogue.SysGuard) -> Quarantined and deleted successfully.
C:\WINDOWS\sysguard\sounds\3.mp3 (Rogue.SysGuard) -> Quarantined and deleted successfully.
C:\WINDOWS\sysguard\warning\warnpage.html (Rogue.SysGuard) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lphc7a2j0e91c.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\phc7a2j0e91c.bmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pphc7a2j0e91c.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\images54.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\images93.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo39.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photos2007_31.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo_album22.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo_album4.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo_album64.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo_album70.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photo_album73.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wcsqmyi_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wcsqmyi_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt15.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt1.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt2.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt3.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt4.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt5.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt6.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt7.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt8.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.tt9.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.ttA.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.ttB.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.ttC.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.ttD.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.ttE.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\.ttF.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Bureau\Repair Your Registry.lnk (Rogue.Link) -> Quarantined and deleted successfully.
1
Don't listen to any of this crap!

The pop up you are getting telling you that you have a virus and needs to scan is just a browser pop up. You don't have a virus. If this pop up comes up then close your browser and restart.
1
Its all a evil scam. lol it even addresses my PC as XP. (most used) must be an old popup that surrvived by so manny people clicking on it.
0
Sujith Virus specialist
Jul 18, 2009 at 11:53 AM
HI guys you I had recently made a notice that there are lot virus infections and where in the virus just looks like the antivirus programmes and also there are pop ups that blocks the services quite often... well thats shows that the computer has been infected with the trojen virus

u need to log on to www.jeeth.webs.com

>> click for virus removal tool
>> download malwarebytes antimalware
>> scan the computer and get teh virus removed
>> restart the computer and get teh issue resolved
1
So far every malwarebytes or anti virus program I have try has not worked. I have exploit scanner type 1056. Any help will be appreicated.
0
tomdragon Posts 7 Registration date Thursday June 10, 2010 Status Member Last seen June 10, 2010 1
Jun 10, 2010 at 05:59 AM
Use the block pop up options in your browser.
1
THANXS A LOT GUYS... I JUST GOT RID OF MY ROGUE ANTI SPYWARE....
0
im facing a similar problem. I have tried kaspersky and avg they are worthless. not even trendmicro can remove it. mines has a "warning security report pop-up on the right bottom corner where the time is.. it changed my background pic to a sign that says "warning dangerous spyware... etc..' anyone have advice??
0
My laptop is doing the exact thing as you just described yours is doing? Did you find out out to get rid of the issue? I downloaded McAfee Stinger and that didn't work.
0
Ugh I have the exact same problem and Anti-Malware won't download on my computer either!
Help needed!
0
Refer to the link at the top of the page referencing Malware Bytes. Download. Install. Update. Scan. Restart.

Simple as that - worked for me!
0
Slugbug > Bob
Jan 6, 2009 at 10:35 PM
I tried that and even renaming the malware file doesn't allow me to download malware bytes.
0
66GTO > Slugbug
Jan 7, 2009 at 01:12 AM
any luck Slug
0
Windows defender detects this as the VUNDO trojan.
0
Take my word for it Exploit Rogue comes with AVG 8.0.
0
Go through your cookies and in the search, type "antispyware." Delete anything that comes up. That seems to have done it for me.
0
The answer is Malwarebytes Anti malware. Save the file to your Desktop and just follow the instructions.
I have Nortons and Super Anti spyware and never detected any problems during scan.
thank you Malwarebytes. That Pop up thingy can ruin your day. good Luck to all
0
I had the same problem, and spent many hours trying to remove the system security. Finally, I downloaded STOPZILLA, and it cost me around ten dollars for a year. I downloaded and ran the program, ran the scan (I did it twice), and when I rebooted my system, the problem was gone! Hope this helps
0
is it due to a spyware infection?i tried anti spywares
0
Hi

I m jeeth the virus specialist I have just recieved this mail about the problem you had on your computer where in now you can get rid of this where in all you have to do is just follow these steps and you can get your computer working fine with no problem in future

>> Step 1
*********

Shutdown the computer and restart the computer and dont forget to tap on F8

>> Step 2
*********
using up and down Arrow key select safemode with networking and press enter in advance boot option

>> Step 3
********

now if in windows xp select the user name as Administrator if Windows vista just log in

>> Step 4
********

try to connect to internet

>> Step 5
********
if connected log on to www.jeeth.webs.com

towards to the left hand side you have an option to click on virus removal tool

>> download malwarebytes and trojen remover

>> install them and run them and restart the computer once the scan is complete

please do follow the on screen instructions to make sure you have got the virus out of your computer

>> there you go
>> if you had followed the process correct all teh infections would be out
0
A way I fixed my problems were to simply make a new computer account in "control panel" and manually move the fies I wanted to keep from my old account to the new account and delete the old account ,simple.(Make sure you make yourself administrator on the new account.)
0
so , I had the same problem and its gone now

what I have done :

1. download : malware's antimalware
2. update en launch it .
3. scan it ( takes an hour )
4. remove al your threats (about some 19 threats )
5. reboot your computer
6. relax , the problem is gone :d

IT WORKS !!!
0