AntiSpy & AntiSpywareShield ruining everything!!!

Hey all,

my home desktop has pop ups for AntiSpy and AntSoywareShield, I can't uninstall it manually cause it wont show up on the list of programs. So if someone can please tell me how to fix this itd be great! its really messing up my computer.

 

Hi modernage13!
Welcome to Major Geeks!

Please follow the instructions in the READ & RUN ME FIRST and attach the requested logs. I think you will find some relief from the symptoms as you go and we'll be able to see what still needs to be done when we can look at your logs. If you have any questions, just ask.

abri

 

thanks! im doing all the things in the read and run me thread right now, ill update soon.

 

ok i ran all the scans in the read me and here are my logs.

 

can someone please help me?! its ruining everything

 

isn't this a support forum? my computer is real fried..

 

Hi modernage,

The policy here is to work the forums from oldest to newest post, so when you repost, you end up slowing down your progress rather than speeding it up. There are occasions, which we try hard to avoid, where people have gotten forgotten, but you are not one of them.

I'm looking at your logs. This takes some time, so thanks for your patience.
abri

 

Hi modernage,

First a couple of questions:

Which resident antivirus are you using?

What is in this folder? Do not open any files.

C:\Program Files\Tencent

Now, please do the following:

1) Open your Windows Live Messenger, go to Help -> Customer Experience Improvement Program and turn it off. That will stop you getting all those sqm files.

2) Go to add/remove programs and uninstall the below:

- Viewpoint Media Player


3) If you do not use Windows Messenger (not to be confused with MSN Messenger!!) I would like you to run Disable/Remove Windows Messenger

4) Run C:\MGtools\analyse.exe by double clicking on it. This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Jaime\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)

After you click fix, just close hijackthis.


5) Now please download and run RogueRemover


6) Run CCleaner.


7) Please run C:\MGtools\GetLogs.bat and attach the fresh MGlogs.zip (found directly under C).


Let me know how things are running now?

abri

 

im not sure which antivirus were using, before i left for school it was only lavasoft ad aware and thats it. whats in the C:\Program Files\Tencent is a folder that says QQ Games and if you open that folder, you see a Plugin folder, GameLaunch.exe, Uninstall.exe. it looks like a game.

 

ok i did all the things you said to. and my clock is still in 24 hour mode and the sqm files are still there after i ran the windows messanger removal software. heres the log.

 

To fix your clock, go to Start / Control Panel and select Regional & Language. In the Regional Options tab click on Customize and then select the Time tab and set the time the way you want it.

What answer do you have for the first two questions I asked you?

The sqm files are produced by Windows Live Messenger. The Windows Messenger removal software removes the Windows Messenger. These are two different messengers (with confusingly similar names) and the two steps in the instructions deal with different problems of each.

I can't tell from your responses if Rogue Remover had any effect in removing AntiSpyKit 5.3?. If not, go to http://www.bleepingcomputer.com/forums/topic131118.html and follow the instructions.

The MGlogs.zip which you just posted to me have the date of March 10th at 8:38:51 p.m. which is the same date and time of the MGlogs.zip which you originally posted. Only procdll.txt is from the 11th. I'm not sure what you did to achieve this, but to get a correct set of logs, you need to follow the instructions in step 7 of my last post.

abri

 

yea i answered your questions in post 9.

 

ok heres the fresh logs they say theyre from mar. 11 at 7:33pm. and i answered your questions in post 9.

 

ok so i ran theanitspykit remover and here are the logs for that.

 

ah, sorry, I didn't see it. AdAware is not a resident antivirus. You need to have both an antivirus and a two-way firewall. We recommend free antivirus programs that don't use a lot of resources but are really good. Please go to the thread How to Protect Yourself from Malware and find the free antivirus programs and select one. They're all good. I happen to use AVG and like it.

Please check Windows Explorer for the following file and if you find it, delete the file and then the folder:

C:\\Program Files\\Viewpoint\\Viewpoint Manager\\ViewMgr.exe

How is your computer working now? Have the popups stopped? If it is better, please go ahead with the final cleanup instructions.

abri