sirdouglasb Posted April 1, 2010 ID:225555 Share Posted April 1, 2010 I have been unable to remove XP defender. I have downloaded the specific utility for removal from this site, but XP defender blocks it. I renamed it to mbam.com and was able to run the set up routine. However, XP Defender blocks the program from actually running. Same with Spyware doctor.In Regedit, it seems like there were a lot of entries listed under the folder "Your Protection". I deleted the folder and still had no luck when I rebooted into safe mode.Is there any free on-line removal tool that can remove this? I have not had much experience with the regedit function, so if there is a manual removal routine that is very detailed for idiots like, I could give that a try as well.Is there anyway I can stop this program from running at startup so that I can run Mbam?Does XP defender also prevent you from using the system restore? Because I have not been able to do a restore either.Help please!Douglas I have run DDS, Defogger, and gmer root kit scanner and attached the resultsDDS.txtAttach.zipark.zip Link to post Share on other sites More sharing options...
Maniac Posted April 3, 2010 ID:226438 Share Posted April 3, 2010 Hello Douglas! Welcome to MalwareBytes' Anti-Malware Forums!My name is Borislav and I will be glad to help you solve your problems with malware. Before we begin, please note the following: The process of cleaning your system may take some time, so please be patient.Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.Instructions that I give are for your system only!If you don't know or can't understand something please ask. Do not install any software or hardware, while work on.Step 1:Please uninstall the following applications:Adobe Reader 9.2Ask ToolbarAfter finish our work, please download and install the latest version of Adobe Reader from:http://www.adobe.comStep 2:Please visit Combofix Guide & Instructions for instructions for installing the recovery console and downloading and running ComboFix.The only thing different from the instructions there is that when downloading and saving the ComboFix.exe I would like you to rename it to Combo-Fix.exe please.Post the log from ComboFix when you've accomplished.Important notes regarding ComboFix:ComboFix may reset a number of Internet Explorer's settings, including making it the default browser. This can easily be changed once we're finished.ComboFix also prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you, please let me know. This can be undone manually when we're finished. Read HERE for an article written by dvk01 on why we disable autoruns.Note: During this process, it would help a great deal and be very much appreciated if you would refrain from installing any new software or hardware on this machine, unless absolutely necessary, until the clean up process is finished as it makes our job more tedious, with additional new files that may have to be researched, which is very time consuming. Also, please do not run any security programs or fixes on your own as doing so may compromise what we will be doing. It is important that you wait for instructions. Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted April 9, 2010 Root Admin ID:229935 Share Posted April 9, 2010 Due to the lack of feedback this Topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!The fixes and advice in this thread are for this machine only. Do not apply the instructions from this thread to your own machine. Please start a new thread describing your issue and someone will be along to assist you. Link to post Share on other sites More sharing options...
Recommended Posts