Damn spy ware got past my antivirus


SSMAN
10-19-2008, 08:38 PM
It's trying to sell me xp antivirus 2009. It has locked me out of the windows update site, disabled all my current securities. I have done system restores and the damn thing appears to have assigned a drive "E" that is not affected by the restore. I tried scanning with my antivirus with no luck. So I deleted my antivirus hoping I could reload it and catch it that way. But it appears to have covered the access to the system 32 as well. Access denied.


Any thoughts on how I can get rid of this pesky spyware? Any help would be appreciated.

Memo
10-19-2008, 08:44 PM
http://answers.yahoo.com/question/index?qid=20081018122446AA5VCrY

Memo
10-19-2008, 08:45 PM
or

http://wiki.answers.com/Q/How_do_you_get_rid_of_antivirus_2009_wo_a_purchase

SSMAN
10-19-2008, 08:47 PM
Thanks, I will do some reading.

Tx Redneck
10-19-2008, 09:26 PM
Here. (http://forums.pcpitstop.com/index.php?showtopic=160246)

Hunt4m3x
10-19-2008, 10:09 PM
malwarebytes.com

download and run it. then do f-secure OLS. google it.

bmw2stang
10-19-2008, 10:12 PM
My friend and I tried everything, even manually removing it. We bought and downloaded tons of software. We wound up just pulling the hard drive and getting a new one. That XP antivirus is no joke, it was sending mail from his computer. Roadrunner shut our internet off because spyware was being sent via his computer.

SSMAN
10-19-2008, 10:15 PM
This shit is a pain in the ass. I have run all kinds of spy ware programs. Even bought Spyhunter because the trial version showed the registry for antivirus 2009, did the remove and it is still there. :rolleyes:

SSMAN
10-19-2008, 10:15 PM
Here. (http://forums.pcpitstop.com/index.php?showtopic=160246)



It's blocking that site.

Hunt4m3x
10-19-2008, 10:18 PM
you need to boot into safe mode and run your programs.

Osiris
10-19-2008, 10:21 PM
My friend and I tried everything, even manually removing it. We bought and downloaded tons of software. We wound up just pulling the hard drive and getting a new one. That XP antivirus is no joke, it was sending mail from his computer. Roadrunner shut our internet off because spyware was being sent via his computer.

lmfao! you bought a new hard drive instead of reformatting?

SSMAN
10-19-2008, 10:21 PM
you need to boot into safe mode and run your programs.


I'll try that after this final scan.

Hunt4m3x
10-19-2008, 10:22 PM
I'll try that after this final scan.


If it doesn't work, I can remote in and fix it like in 10 secs.

Tx Redneck
10-19-2008, 10:33 PM
It's blocking that site.
That's hilarious! It's a link to PCPitstop's guide for removing it. :p


If it doesn't work, I can remote in and fix it like in 10 secs.

This would be your BEST bet. ;)

SSMAN
10-19-2008, 10:58 PM
I pulled the little fucker out of my windows 32 folder and dragged it to the desktop. I cannot delete the little bastard.

SSMAN
10-19-2008, 11:05 PM
If it doesn't work, I can remote in and fix it like in 10 secs.



If you are on here tomorrow, I may hit you up. I am sleepy and going to bed right now. If you would, PM me and let me know what I need to do to let you remote in.

Hunt4m3x
10-20-2008, 12:07 AM
If you are on here tomorrow, I may hit you up. I am sleepy and going to bed right now. If you would, PM me and let me know what I need to do to let you remote in.


Use this

http://ccollomb.free.fr/unlocker/#download

install then right click, hit unlocker and click delete and done.

SSMAN
10-20-2008, 07:35 AM
Use this

http://ccollomb.free.fr/unlocker/#download

install then right click, hit unlocker and click delete and done.

It says there is not a handle, and asks if I want to delete during the next reboot. Still there. No Worky

Hunt4m3x
10-20-2008, 08:10 AM
boot into safe mode. run malware bytes, then run that unlocker.

SSMAN
10-20-2008, 01:08 PM
boot into safe mode. run malware bytes, then run that unlocker.


Ran my unlocker and Spy hunter (not sure what malware bytes is?) Still no worky.

exlude
10-20-2008, 01:23 PM
Ran my unlocker and Spy hunter (not sure what malware bytes is?) Still no worky.

Did you even read those links Memo posted for you?

SSMAN
10-20-2008, 05:16 PM
Did you even read those links Memo posted for you?


Yes I did. Nothing is working so far. I have tried quite a bit with no luck. Keep in mind that this virus/spyware has put in key words so you cannot access certain sites. Malwarebytes is one of them. I brought home a word document from work named "XP antivirus", I could not even download the word document. At least till I renamed it "Bucky", then I could download it. I need to find someone close with a computer and have them burn the malware to a cd under a different name and see if I can download it on my computer. To be honest, the way this thing has been going, I am very doubtful it will work. Right now I am looking at reformatting the drive. But I am going to try to get the Malware bytes downloaded somewhere. Oh, through both of those links they recommend Spy Hunter. This is a piece of shit that does not work. Don't waste your time.

Hunt4m3x
10-20-2008, 07:45 PM
http://hunt4m3x.net/sup/mbam-rules.exe
http://hunt4m3x.net/sup/mbam-setup.exe

Run the setup first, then run the rules.

BOOT INTO SAFE MODE ( http://www.computerhope.com/issues/chsafe.htm#02 ), Then run malwarebytes.



spybot as well.
http://hunt4m3x.net/sup/spybotsd160.exe


What antivirus do you have? Do you have spyware blaster and spybot immunize installed? What do you use to surf? ie 6.0?

mikeb
10-20-2008, 10:04 PM
If nothing else works you can try the trend micro online scan; I've gotten a lot of stuff off my systems with it.

www.trendmicro.com

Look for the free online services. You want "housecall".

oh, and stop surfing "those" sites :)

SSMAN
10-21-2008, 09:03 PM
Ok, here is the latest update. I finally got Malware on my computer. I ran it in safe mode twice. (QUICK AND Full Scan) Then I ran the piece of shit spy hunter. When I restarted I did not have the little red "X" in the lower right hand corner. Plus any mention of XP antispyware is gone so far. But I have noticed some changes in my computer. My XP graphics in the control panel has gone back to classic. 3 of the icons do not fill in completely till you put the cursor on them.

I tried a system restore, it failed. It throws up "changes to the E: drive can not be reversed because the drive was either excluded from the system restore monitoring or was turned off or removed." Then it goes through the whole process and reboots only to tell me it could not restore to the date I chose. (no matter what date I pick) I have no clue where drive E: could be? :confused: I have never seen it before.

Then I tried loading my antivirus (Panda antivirus and firewall 2008, still current). Halfway through the installation it threw up a box that says:

Residentericherosntpal
c:windows/system32/pav
Access denied

It is almost as if part of it is still on my computer or has damaged some components. I have no clue what either of the errors mean. :confused:

I do want to thank everybody that replied and tried to help. If any of you guys are in the Fort Worth area, give some notice and pm me and I will buy you a beer.

SSMAN
10-21-2008, 09:05 PM
If nothing else works you can try the trend micro online scan; I've gotten a lot of stuff off my systems with it.

www.trendmicro.com

Look for the free online services. You want "housecall".

oh, and stop surfing "those" sites :)


Guy at work suggested that. (the trendmicro) Those sites, LOL! I am usually real guilty of that. But what pisses me off is I was surfing to find out how to get a starter off a 99 Mazda 626 when I picked this nasty thing up.

Hunt4m3x
10-21-2008, 09:13 PM
Run this

http://support.f-secure.com/enu/home/ols.shtml

See if you can run update on malware bytes and rerun it as well.

If you were closer to mesquite, I'd help ya out.

Tx Redneck
10-21-2008, 09:24 PM
Man, I just got off the phone w/ a coworker that got XP Antivirus 2009 w/ Avast updated and running. His puter is so hammered by the malware it's difficult to do a remote connection. It has some 60+ processes running and internet type pop-ups coming up left and right. Just before we got off the phone, his desktop icons and start bar disappeared w/ Avast was scanning. :confused:

I was trying to use the links you hosted Hunt and it disconnected the remote app. :confused:

fordracing19
10-21-2008, 10:55 PM
Guy at work suggested that. (the trendmicro) Those sites, LOL! I am usually real guilty of that. But what pisses me off is I was surfing to find out how to get a starter off a 99 Mazda 626 when I picked this nasty thing up.
Should have just sent a pm!

SSMAN
10-22-2008, 07:34 AM
Should have just sent a pm!

Man you have helped me a lot over the past couple of years. I try to do some research before I bother you. :o If you are ever in the area, I will buy you a lot of beers. :D

SSMAN
10-22-2008, 07:36 AM
Man, I just got off the phone w/ a coworker that got XP Antivirus 2009 w/ Avast updated and running. His puter is so hammered by the malware it's difficult to do a remote connection. It has some 60+ processes running and internet type pop-ups coming up left and right. Just before we got off the phone, his desktop icons and start bar disappeared w/ Avast was scanning. :confused:

I was trying to use the links you hosted Hunt and it disconnected the remote app. :confused:


I had someone email the direct links to the download itself. If you try to bring up the website itself it will not let you. It's a nasty little fucker that is for sure. Malware did it for me. But during shut down it said some of the running components of XP needed to be replaced, put in XP cd.

mpulsive81
10-22-2008, 12:20 PM
next time just get a Mac :p

SSMAN
10-22-2008, 12:39 PM
So far so good. Nothing popping up, nothing detected on the spyware programs. I will do a repair job on windows xp to see if it gets my two error points cleared up.

Tx Redneck
10-22-2008, 06:42 PM
I got it all clean about 10:30 last night. Thanks Hunt for hosting MBAM on your site as I couldn't get directly on line. I was able to send the link through messenger and dl it that way. One scan w/ Avast and one w/ MBAM and all clean. :)

I put a proactive spy/malware app on his puter. Hopefully that'll take care of any future instances.

SSMAN
10-22-2008, 08:43 PM
I got it all clean about 10:30 last night. Thanks Hunt for hosting MBAM on your site as I couldn't get directly on line. I was able to send the link through messenger and dl it that way. One scan w/ Avast and one w/ MBAM and all clean. :)

I put a proactive spy/malware app on his puter. Hopefully that'll take care of any future instances.


Good job. Hunt was a big help that is for sure. :cool: