virus warning? help needed fast!

  • Thread starter Thread starter Nancy M
  • Start date Start date
N

Nancy M

I had something come up on my screen warning me about 2 trojans and I need
to install XP antivirus protection..is this part of windows? It is trojan
MYtob.mailer and Zlob.z. Is this for real? It has the microsoft logo, and
looks official, but I'm always a bit skeptical of these things..I was afraid
to click on install, not knowing what it was. I thought it would have already
been installed. I have Vista. Thanks,
 
I would not install and it is not part of windows to my understanding. See if
you can capture the address or link and block it in you firewall until you
can verify.
--
S.E. Murray


"Nancy M" wrote:

> I had something come up on my screen warning me about 2 trojans and I need
> to install XP antivirus protection..is this part of windows? It is trojan
> MYtob.mailer and Zlob.z. Is this for real? It has the microsoft logo, and
> looks official, but I'm always a bit skeptical of these things..I was afraid
> to click on install, not knowing what it was. I thought it would have already
> been installed. I have Vista. Thanks,
 
"Nancy M" wrote:

> I had something come up on my screen warning me about 2 trojans and I
> need to install XP antivirus protection..is this part of windows? It is
> trojan
> MYtob.mailer and Zlob.z. Is this for real? It has the microsoft logo, and
> looks official, but I'm always a bit skeptical of these things..I was
> afraid
> to click on install, not knowing what it was. I thought it would have
> already
> been installed. I have Vista.

Windows includes no such thing as "XP antivirus protection", particularly
not on Vista systems. You have encountered rogue security software, and did
the right thing not installing it.

I suspect you have a malware infection causing this pop-up, step through
Malke's advice posted in this thread:

http://www.microsoft.com/communities/newsg...c=en-us&m=1&p=1

Charlie42
 
On Sun, 13 Apr 2008 20:58:00 -0700, Nancy M wrote:

> I had something come up on my screen warning me about 2 trojans and I need
> to install XP antivirus protection..is this part of windows? It is trojan
> MYtob.mailer and Zlob.z. Is this for real? It has the microsoft logo, and
> looks official, but I'm always a bit skeptical of these things..I was afraid
> to click on install, not knowing what it was. I thought it would have already
> been installed. I have Vista. Thanks,

Ignore the message "need to install XP antivirus protection" It'll get you
on more trouble!

1. Download and execute
CCleaner - Free
Cleans temporary internet files, cookies, history, recent urls, application
MRUs, etc. ...
http://www.filehippo.com/download_ccleaner/

2. Download and execute
SuperAntispyware - Free
http://www.superantispyware.com/superantis...efreevspro.html

After the software is updated, it is suggested scanning the system in Safe
Mode.
How do you boot to Safe Mode?
By pressing/tabbing F8 (or F5 on some keyboards) during re-boot.
Alternatively:
click onto Start==>Run, type "msconfig" (without quotation marks), click
OK. Then click onto BOOT.INI tab and 'check' /SAFEBOOT then OK and click
Restart. To go back to Normal Mode, you must access the System
Configuration utility again and click the General tab then click/check
the radio button 'Normal Startup'- load all device drivers and services'.
A description of the Safe Mode Boot options in Windows XP
http://support.microsoft.com/default.aspx?scid=315222

3. Download and execute
David H. Lipman's MULTI_AV.EXE from the URL:
http://www.pctipp.ch/ds/28400/28470/Multi_AV.exe
http://www.pctipp.ch/downloads/dl/35905.asp
English:
http://www.raymond.cc/blog/archives/2008/0...virus-for-free/
To use this utility, perform the following...
Execute Multi_AV.exe {Note: You must use the default folder C:\AV-CLS}
Choose Unzip
Choose Close
Execute C:\AV-CLS\StartMenu.BAT
{or Double-click on 'Start Menu' in C:\AV-CLS}
NOTE: You may have to disable your software FireWall or allow WGET.EXE to
go through your FireWall to allow it to download the needed AV vendor
related files.
C:\AV-CLS\StartMenu.BAT -- {or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in
Normal Mode.
This way all the components can be downloaded from each AV vendor's web
site.
The choices are Sophos, Trend, McAfee, Kaspersky, Exit this menu and
Reboot the PC.
You can choose to go to each menu item and just download the needed files
or you can download the files and perform a scan in Normal Mode. Once you
have downloaded the files needed for each scanner you want to use, you
should reboot the PC into Safe Mode [F8 key during boot] and re-run the
menu again and choose which scanner you want to run in Safe Mode. It is
suggested to run the scanners in both Safe Mode and Normal Mode.
When the menu is displayed hitting 'H' or 'h' will bring up a more
comprehensive PDF help file.
Additional Instructions:
http://pcdid.com/Multi_AV.htm

Once you cleaned you OS consider this:
Remove your existing AV application and replace with:
Avira AntiVir® PersonalEdition Classic - Free
http://www.free-av.com/antivirus/allinonen.html
You may wish to consider removing the 'AntiVir Nagscreen'
http://www.elitekiller.com/files/disable_antivir_nag.htm

(scan regularly)

Windows Defender - Free (build-in in Vista)
http://www.microsoft.com/athome/security/s...re/default.mspx
WD monitors the start-registry and hooks registers/files to prevent spyware
and worms to install to the OS.
Interesting reading:
http://www.pcworld.com/article/id,136195/article.html
"...Windows Defender did excel in behavior-based protection, which detects
changes to key areas of the system without having to know anything about
the actual threat."

(scan regularly)

Keep on using SAS - (scan regularly)

Routinely practice Safe-Hex.
http://www.claymania.com/safe-hex.html
Hundreds Click on 'Click Here to Get Infected' Ad
http://www.eweek.com/article2/0,1895,2132447,00.asp

Good luck
smile.gif
 
The popup you are getting is more spyware.
Don't touch it.
-- Below is security I use.

Vista’s Firewall is very good!

http://www.avast.com/eng/download-avast-home.html

Above is a link to Avast Free 4 Home Anti-Virus
It is low resource using, free and Vista 32bit and 64bit compatible.
Only have one (1) anti-virus installed more than 1 can cause conflicts.

http://www.safer-networking.org/en/index.html

For Spyware removal, use the above link to “Spybot Search & Destroy 1.5.2â€Â
Download it, install it, update it, immunize your system and scan your
System with it.

http://www.javacoolsoftware.com/

For a non-scanning, but running in the background, Program to STOP Spyware
being downloaded to your Computer, use SpywareBlaster 4, available at the
above link.


Mick Murphy - Qld - Australia


"Nancy M" wrote:

> I had something come up on my screen warning me about 2 trojans and I need
> to install XP antivirus protection..is this part of windows? It is trojan
> MYtob.mailer and Zlob.z. Is this for real? It has the microsoft logo, and
> looks official, but I'm always a bit skeptical of these things..I was afraid
> to click on install, not knowing what it was. I thought it would have already
> been installed. I have Vista. Thanks,
 
Kayman,

I've seen you recommend Avira AntiVir® PersonalEdition Classic - Free in
prior post and I looked into this Virus software. I also see it tied with
two others in a ProtectStar Test Lab test and wanted to see the other two it
ties with. However, looking through their website I can only find it
available in German.
http://www.protectstar-testlab.org/de.index.html

Do you know of a English version of the above link? perhaps I missed it at
their site, but I don't see anything.

--
All the best,
SG

Is your computer system ready for Vista?
https://winqual.microsoft.com/hcl/

"Kayman" wrote in message
news:%23p5wo2fnIHA.1768@TK2MSFTNGP05.phx.gbl...
> On Sun, 13 Apr 2008 20:58:00 -0700, Nancy M wrote:
>
>> I had something come up on my screen warning me about 2 trojans and I
>> need
>> to install XP antivirus protection..is this part of windows? It is
>> trojan
>> MYtob.mailer and Zlob.z. Is this for real? It has the microsoft logo,
>> and
>> looks official, but I'm always a bit skeptical of these things..I was
>> afraid
>> to click on install, not knowing what it was. I thought it would have
>> already
>> been installed. I have Vista. Thanks,
>
> Ignore the message "need to install XP antivirus protection" It'll get
> you
> on more trouble!
>
> 1. Download and execute
> CCleaner - Free
> Cleans temporary internet files, cookies, history, recent urls,
> application
> MRUs, etc. ...
> http://www.filehippo.com/download_ccleaner/
>
> 2. Download and execute
> SuperAntispyware - Free
> http://www.superantispyware.com/superantis...efreevspro.html
>
> After the software is updated, it is suggested scanning the system in Safe
> Mode.
> How do you boot to Safe Mode?
> By pressing/tabbing F8 (or F5 on some keyboards) during re-boot.
> Alternatively:
> click onto Start==>Run, type "msconfig" (without quotation marks), click
> OK. Then click onto BOOT.INI tab and 'check' /SAFEBOOT then OK and click
> Restart. To go back to Normal Mode, you must access the System
> Configuration utility again and click the General tab then click/check
> the radio button 'Normal Startup'- load all device drivers and services'.
> A description of the Safe Mode Boot options in Windows XP
> http://support.microsoft.com/default.aspx?scid=315222
>
> 3. Download and execute
> David H. Lipman's MULTI_AV.EXE from the URL:
> http://www.pctipp.ch/ds/28400/28470/Multi_AV.exe
> http://www.pctipp.ch/downloads/dl/35905.asp
> English:
> http://www.raymond.cc/blog/archives/2008/0...virus-for-free/
> To use this utility, perform the following...
> Execute Multi_AV.exe {Note: You must use the default folder C:AV-CLS}
> Choose Unzip
> Choose Close
> Execute C:AV-CLSStartMenu.BAT
> {or Double-click on 'Start Menu' in C:AV-CLS}
> NOTE: You may have to disable your software FireWall or allow WGET.EXE to
> go through your FireWall to allow it to download the needed AV vendor
> related files.
> C:AV-CLSStartMenu.BAT -- {or Double-click on 'Start Menu' in C:AV-CLS}
> This will bring up the initial menu of choices and should be executed in
> Normal Mode.
> This way all the components can be downloaded from each AV vendor's web
> site.
> The choices are Sophos, Trend, McAfee, Kaspersky, Exit this menu and
> Reboot the PC.
> You can choose to go to each menu item and just download the needed files
> or you can download the files and perform a scan in Normal Mode. Once you
> have downloaded the files needed for each scanner you want to use, you
> should reboot the PC into Safe Mode [F8 key during boot] and re-run the
> menu again and choose which scanner you want to run in Safe Mode. It is
> suggested to run the scanners in both Safe Mode and Normal Mode.
> When the menu is displayed hitting 'H' or 'h' will bring up a more
> comprehensive PDF help file.
> Additional Instructions:
> http://pcdid.com/Multi_AV.htm
>
> Once you cleaned you OS consider this:
> Remove your existing AV application and replace with:
> Avira AntiVir® PersonalEdition Classic - Free
> http://www.free-av.com/antivirus/allinonen.html
> You may wish to consider removing the 'AntiVir Nagscreen'
> http://www.elitekiller.com/files/disable_antivir_nag.htm
>
> (scan regularly)
>
> Windows Defender - Free (build-in in Vista)
> http://www.microsoft.com/athome/security/s...re/default.mspx
> WD monitors the start-registry and hooks registers/files to prevent
> spyware
> and worms to install to the OS.
> Interesting reading:
> http://www.pcworld.com/article/id,136195/article.html
> "...Windows Defender did excel in behavior-based protection, which detects
> changes to key areas of the system without having to know anything about
> the actual threat."
>
> (scan regularly)
>
> Keep on using SAS - (scan regularly)
>
> Routinely practice Safe-Hex.
> http://www.claymania.com/safe-hex.html
> Hundreds Click on 'Click Here to Get Infected' Ad
> http://www.eweek.com/article2/0,1895,2132447,00.asp
>
> Good luck
smile.gif
 
On Mon, 14 Apr 2008 06:00:39 -0400, SG wrote:

> Kayman,
>
> I've seen you recommend Avira AntiVir® PersonalEdition Classic - Free in
> prior post and I looked into this Virus software. I also see it tied with
> two others in a ProtectStar Test Lab test and wanted to see the other two it
> ties with. However, looking through their website I can only find it
> available in German.
> http://www.protectstar-testlab.org/de.index.html
>
> Do you know of a English version of the above link? perhaps I missed it at
> their site, but I don't see anything.

No, I don't. Have a look at:
http://www.av-comparatives.org/
Cheers
smile.gif
 
thanks for all of your answers. while waiting for them, I called microsoft
and they said it was spyware. I'm so pleased I recognized it...that's how
baisc my knowledge is. I ran a Norton fuill scan and isolated one spyware. I
also checked and found that my firewall was turned off (other people use this
computer)I did turn it back on. I checked some of the links you offered and
going into safe mode and doing things is really beyond me I think ...I
frequently don't understand instrucions. At this point do I need to do other
things? something really simple?
I really appreciate the answers.
 
On Mon, 14 Apr 2008 05:19:00 -0700, Nancy M wrote:

> thanks for all of your answers. while waiting for them, I called microsoft
> and they said it was spyware. I'm so pleased I recognized it...that's how
> baisc my knowledge is. I ran a Norton fuill scan and isolated one spyware. I
> also checked and found that my firewall was turned off (other people use this
> computer)I did turn it back on. I checked some of the links you offered and
> going into safe mode and doing things is really beyond me I think ...I
> frequently don't understand instrucions. At this point do I need to do other
> things? something really simple?
> I really appreciate the answers.

Nancy, you need to educate yourself! (Google is your friend) or get
somebody to teach you. The software/links/instructions provided *is*
quality stuff...it doesn't come any simpler.
BTW, the retail version of Norton AV is a POS, eventually you'll regret
keeping it.

Good luck
smile.gif
 
"Kayman" wrote in message
news:#RLGeNjnIHA.1184@TK2MSFTNGP04.phx.gbl...
> On Mon, 14 Apr 2008 05:19:00 -0700, Nancy M wrote:
>
>> thanks for all of your answers. while waiting for them, I called
>> microsoft
>> and they said it was spyware. I'm so pleased I recognized it...that's how
>> baisc my knowledge is. I ran a Norton fuill scan and isolated one
>> spyware. I
>> also checked and found that my firewall was turned off (other people use
>> this
>> computer)I did turn it back on. I checked some of the links you offered
>> and
>> going into safe mode and doing things is really beyond me I think ...I
>> frequently don't understand instrucions. At this point do I need to do
>> other
>> things? something really simple?
>> I really appreciate the answers.
>
> Nancy, you need to educate yourself! (Google is your friend) or get
> somebody to teach you. The software/links/instructions provided *is*
> quality stuff...it doesn't come any simpler.
> BTW, the retail version of Norton AV is a POS, eventually you'll regret
> keeping it.
>
> Good luck
smile.gif



Google is not your friend, unless you wish to surrender every aspect of
privacy you thought you had.

C.B.


--
It is the responsibility and duty of everyone to help the underprivileged
and unfortunate among us.
 
On Tue, 15 Apr 2008 01:14:55 -0400, C.B. wrote:

> "Kayman" wrote in message
> news:#RLGeNjnIHA.1184@TK2MSFTNGP04.phx.gbl...
>> On Mon, 14 Apr 2008 05:19:00 -0700, Nancy M wrote:
>>
>>> thanks for all of your answers. while waiting for them, I called
>>> microsoft
>>> and they said it was spyware. I'm so pleased I recognized it...that's how
>>> baisc my knowledge is. I ran a Norton fuill scan and isolated one
>>> spyware. I
>>> also checked and found that my firewall was turned off (other people use
>>> this
>>> computer)I did turn it back on. I checked some of the links you offered
>>> and
>>> going into safe mode and doing things is really beyond me I think ...I
>>> frequently don't understand instrucions. At this point do I need to do
>>> other
>>> things? something really simple?
>>> I really appreciate the answers.
>>
>> Nancy, you need to educate yourself! (Google is your friend) or get
>> somebody to teach you. The software/links/instructions provided *is*
>> quality stuff...it doesn't come any simpler.
>> BTW, the retail version of Norton AV is a POS, eventually you'll regret
>> keeping it.
>>
>> Good luck
smile.gif

>
>
> Google is not your friend, unless you wish to surrender every aspect of
> privacy you thought you had.
>
It all depends how one is using the search engine.
Anyway, *Internet Privacy*...an oxymoron really :-)
 
Kayman wrote:
> On Sun, 13 Apr 2008 20:58:00 -0700, Nancy M wrote:
>
>> I had something come up on my screen warning me about 2 trojans and I need
>> to install XP antivirus protection..is this part of windows? It is trojan
>> MYtob.mailer and Zlob.z. Is this for real? It has the microsoft logo, and
>> looks official, but I'm always a bit skeptical of these things..I was afraid
>> to click on install, not knowing what it was. I thought it would have already
>> been installed. I have Vista. Thanks,
>
> Ignore the message "need to install XP antivirus protection" It'll get you
> on more trouble!
>
> 1. Download and execute
> CCleaner - Free
> Cleans temporary internet files, cookies, history, recent urls, application
> MRUs, etc. ...
> http://www.filehippo.com/download_ccleaner/
>
> 2. Download and execute
> SuperAntispyware - Free
> http://www.superantispyware.com/superantis...efreevspro.html
>
> After the software is updated, it is suggested scanning the system in Safe
> Mode.
> How do you boot to Safe Mode?
> By pressing/tabbing F8 (or F5 on some keyboards) during re-boot.
> Alternatively:
> click onto Start==>Run, type "msconfig" (without quotation marks), click
> OK. Then click onto BOOT.INI tab and 'check' /SAFEBOOT then OK and click
> Restart. To go back to Normal Mode, you must access the System
> Configuration utility again and click the General tab then click/check
> the radio button 'Normal Startup'- load all device drivers and services'.
> A description of the Safe Mode Boot options in Windows XP
> http://support.microsoft.com/default.aspx?scid=315222
>
> 3. Download and execute
> David H. Lipman's MULTI_AV.EXE from the URL:
> http://www.pctipp.ch/ds/28400/28470/Multi_AV.exe
> http://www.pctipp.ch/downloads/dl/35905.asp
> English:
> http://www.raymond.cc/blog/archives/2008/0...virus-for-free/
> To use this utility, perform the following...
> Execute Multi_AV.exe {Note: You must use the default folder C:AV-CLS}
> Choose Unzip
> Choose Close
> Execute C:AV-CLSStartMenu.BAT
> {or Double-click on 'Start Menu' in C:AV-CLS}
> NOTE: You may have to disable your software FireWall or allow WGET.EXE to
> go through your FireWall to allow it to download the needed AV vendor
> related files.
> C:AV-CLSStartMenu.BAT -- {or Double-click on 'Start Menu' in C:AV-CLS}
> This will bring up the initial menu of choices and should be executed in
> Normal Mode.
> This way all the components can be downloaded from each AV vendor's web
> site.
> The choices are Sophos, Trend, McAfee, Kaspersky, Exit this menu and
> Reboot the PC.
> You can choose to go to each menu item and just download the needed files
> or you can download the files and perform a scan in Normal Mode. Once you
> have downloaded the files needed for each scanner you want to use, you
> should reboot the PC into Safe Mode [F8 key during boot] and re-run the
> menu again and choose which scanner you want to run in Safe Mode. It is
> suggested to run the scanners in both Safe Mode and Normal Mode.
> When the menu is displayed hitting 'H' or 'h' will bring up a more
> comprehensive PDF help file.
> Additional Instructions:
> http://pcdid.com/Multi_AV.htm
>
> Once you cleaned you OS consider this:
> Remove your existing AV application and replace with:
> Avira AntiVir® PersonalEdition Classic - Free
> http://www.free-av.com/antivirus/allinonen.html
> You may wish to consider removing the 'AntiVir Nagscreen'
> http://www.elitekiller.com/files/disable_antivir_nag.htm
>
> (scan regularly)
>
> Windows Defender - Free (build-in in Vista)
> http://www.microsoft.com/athome/security/s...re/default.mspx
> WD monitors the start-registry and hooks registers/files to prevent spyware
> and worms to install to the OS.
> Interesting reading:
> http://www.pcworld.com/article/id,136195/article.html
> "...Windows Defender did excel in behavior-based protection, which detects
> changes to key areas of the system without having to know anything about
> the actual threat."
>
> (scan regularly)
>
> Keep on using SAS - (scan regularly)
>
> Routinely practice Safe-Hex.
> http://www.claymania.com/safe-hex.html
> Hundreds Click on 'Click Here to Get Infected' Ad
> http://www.eweek.com/article2/0,1895,2132447,00.asp
>
> Good luck
smile.gif

Windows defender probably snagged a sneak install of
malware on your pc. Both MyTob.mailer and Zlob.z are malware
pests. You did right in denying install privilege. I use
AVAST antivirus without the skins or network shield
installed. Works fine. I am upgrading the config to include
network protection as well. I also have a paid subscription
to Ad-Aware 2007.

--
Visit Family Radio Today
http://www.familyradio.com/
 
Back
Top