Re: What is this 'infection" reported by Cyber Defender

Daave wrote:
Shenan Stanley wrote:
~*Laughingstar 2009*~ wrote:
HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications


I used AVG for years w/o problems, recently switched to Avast on
rec. from the NG, but it would not stop scanning my email, and took
me a long time to 'fire up' each day while it spun around - I could
not "find" the options to stop it's scanning once OE opened up.

I switched to CD today, and it "found" the HKEY "infection" and
keeps popping up with warnings to remove it, for $40. or something
like that. Is this dangerous? I did a search and it did not show
up, and ran Trend Micro's HouseCall and that didn't find anything,
either.
Daily I run AdAware, have Windows Defender ON, and everything's up
to date incl all Updates.

Thank you very much (happy autumn)

Shenan Stanley wrote:
What does this have to do with the "Help and Support" feature in
Windows XP? (That's what this newsgroup is actually for, you
know...)
*grin*

The question(s) you have would be better asked of Avast - not in a
Windows XP forum. Windows XP is just your currently chosen OS. If
you install and use something on top of it, that is the
responsibility of those who created said 'something' and so -
between you and them.
Now - something you said, "... keeps popping up with warnings to
remove it, for $40. or something like that ..." <-- that does not
sound like Avast, AVG, etc. That sounds like you have been
infested with malware that Avast (and many other AntiVirus
softwares, likely) cannot deal with *and* it is a FALSE message -
trying to get you to do something you should not.
Please quote the exact message (not "something like" the message)
and what it looks like, etc. Describe it in excriuciating detail,
looks, what it says, if it pops up random, etc.

After doing that - here is what I think you should do - expect this
to take time - print it out so you follow the directions exactly.

Start button --> RUN
(no "RUN"? Press the "Windows Key" + R on your keyboard)
--> type in:
winver
--> Click OK.

The picture at the top of the window that opens will give you the
general (Operating System name and flavor) while the line starting
with the word "version" will give you the rest of the story.

Post _both_ in response to this message verbatim. ;-)

Fix your file/registry permissions...

Ignore the title and follow the sub-section under "Advanced
Troubleshooting" titled, "Method 1: Reset the registry and the file
permissions" http://support.microsoft.com/kb/949377
*will take time
(** Ignore the last step - you should have SP3 installed - but
don't do it during the cleanup.)

Reboot and ...

Download/install this:
http://support.microsoft.com/kb/290301

After installing, do the following:

Start button --> RUN --> type in:
"%ProgramFiles%\Windows Installer Clean Up\msizap.exe" g!
--> Click OK.
(The quotation marks and percentage signs and spacing should be
exact.)
Download, install, run, update and perform a full scan (separately)
with the following two applications (freeware versions are the ones
to use for this):
SuperAntiSpyware
http://www.superantispyware.com/

MalwareBytes
http://www.malwarebytes.com/

After performing a full scan with one and then the other and
removing whatever they both find completely, you may uninstall
these products, if you wish.

Download and run the MSRT manually:
http://www.microsoft.com/security/malwareremove/default.mspx

Reboot.

Download/Install the latest Windows Installer (for your OS):
( Windows XP 32-bit : WindowsXP-KB942288-v3-x86.exe )
http://www.microsoft.com/downloadS/details.aspx?familyid=5A58B56F-60B6-4412-95B9-54D056D6F9F4&displaylang=en

Reboot.

and...

Download the latest version of the Windows Update agent from here
(x86): http://go.microsoft.com/fwlink/?LinkID=91237
... and save it to the root of your C:\ drive. After saving it to
the root of the C:\ drive, do the following:

Close all Internet Explorer windows and other applications.

Start button --> RUN and type in:
%SystemDrive%\windowsupdateagent30-x86.exe /WUFORCE
--> Click OK.

(If asked, select "Run.) --> Click on NEXT --> Select "I agree" and
click on NEXT --> When it finishes installing, click on "Finish"...

Reboot.

Then follow the instructions here:

How do I reset Windows Update components?
http://support.microsoft.com/kb/971058

Reboot.

CHKDSK
How to scan your disks for errors
http://support.microsoft.com/kb/315265
* will take time and a reboot

Defragment
How to Defragment your hard drives
http://support.microsoft.com/kb/314848
* will take time

Ensure your hardware drivers are up to date (from the hardware
manufacturer's respective web pages.) Never get hardware drivers
for hardware that was not created/sold by Microsoft from Microsoft.

Reboot...

Log on as an user with administrative rights and open Internet
Explorer and visit http://windowsupdate.microsoft.com/ and select to
do a CUSTOM scan...

Every time you are about to click on something while at these web
pages - first press and hold down the CTRL key while you click on
it. You can release the CTRL key after clicking each time.

Once the scan is done, select just _ONE_ of the high priority
updates (deselect any others) and install it.

Reboot again.

If it did work - try the web page again - selecting no more than
3-5 at a time. Rebooting as needed.

The Optional Software updates are generally safe - although I
recommend against the "Windows Search" one and any of the "Office
Live" ones or "Windows Live" ones for now. I would completely
avoid the Optional Hardware updates. Also - I do not see any urgent
need to
install Internet Explorer 8 at this time.

Seriously - do all that. This is like antibiotics - don't skip a
single step, don't quit because you think things will be okay now -
go through until the end, until you have done everything given in
the order given. If you have a problem with a step come ask and
let someone here get you through that step. If you don't
understand how to do a step, come back and ask here about that step
and let someone walk you through it.
Then - when done - let everyone here know if it worked for you - or
if you have more issues.

~*Laughingstar 2009*~ wrote:
read it again

I'm blind, but believe you can see w/0 adaptive software

Perhaps you are blind - but you should not have stopped reading.

I gave you a method to repair your issue. Follow or not - that is up
to you. ;-)

Shenan, it appears you missed that OP was stating that the program
CyberDefender (from the subject line only, but in the body, he called
it "CD") was responsible for finding this "infection."

Apparently, CyberDefender was once considered a rogue:

http://www.spywarewarrior.com/de-listed.htm#cybdef_note

Perhaps that designation needs to return?

Ohhh THANK YOU. I uninstalled every aspect of it I could find, but this AM
it had taken over my IE and all Search aspects. I weekly clear all IE web
browsing files, etc., but this time also checked "Manage Add Ons" and notice
two suspcious 'files.' I did a Search for anything similar to Cyber
Defender, and nothing was found, nor it anything left on it in my Add/Remove
Programs (in fact I have few, other than MS). But the darned this WAS my IE
today. I am trying to find the site that noted it as the #1 AV even over
Avast and Trend Micro . . . it was a well known computer website like CNET.

I have run Malwear Byes (and it's always on), AdAware, Trend Micro's
Housecall, Avast, have Windows Defender ON, Avast back installed, Eusing
ran, and the darned this was still in my OE7.

Not normally do I c/o my lack of vision, but . . . there are times when
someone needs to know. I'm not perfect by any means. Thank you, again.



--
"Too often we underestimate the power of a touch, a smile, a kind word,
a listening ear, an honest compliment, or the smallest act of caring,
all of which have the potential to turn a life around." ~Leo F.
Buscaglia


.

Loading