virus warning? help needed fast!

  • Thread starter Thread starter Nancy M
  • Start date Start date
N

Nancy M

I had something come up on my screen warning me about 2 trojans and I need
to install XP antivirus protection..is this part of windows? It is trojan
MYtob.mailer and Zlob.z. Is this for real? It has the microsoft logo, and
looks official, but I'm always a bit skeptical of these things..I was afraid
to click on install, not knowing what it was. I thought it would have already
been installed. I have Vista. Thanks,
 
I would not install and it is not part of windows to my understanding. See if
you can capture the address or link and block it in you firewall until you
can verify.
 
Nancy M said:
I had something come up on my screen warning me about 2 trojans and I
need to install XP antivirus protection..is this part of windows? It is
trojan
MYtob.mailer and Zlob.z. Is this for real? It has the microsoft logo, and
looks official, but I'm always a bit skeptical of these things..I was
afraid
to click on install, not knowing what it was. I thought it would have
already
been installed. I have Vista.

Windows includes no such thing as "XP antivirus protection", particularly
not on Vista systems. You have encountered rogue security software, and did
the right thing not installing it.

I suspect you have a malware infection causing this pop-up, step through
Malke's advice posted in this thread:

http://www.microsoft.com/communitie...6E527B0FBA67&lang=en&cr=US&sloc=en-us&m=1&p=1

Charlie42
 
I had something come up on my screen warning me about 2 trojans and I need
to install XP antivirus protection..is this part of windows? It is trojan
MYtob.mailer and Zlob.z. Is this for real? It has the microsoft logo, and
looks official, but I'm always a bit skeptical of these things..I was afraid
to click on install, not knowing what it was. I thought it would have already
been installed. I have Vista. Thanks,

Ignore the message "need to install XP antivirus protection"; It'll get you
on more trouble!

1. Download and execute
CCleaner - Free
Cleans temporary internet files, cookies, history, recent urls, application
MRUs, etc. ...
http://www.filehippo.com/download_ccleaner/

2. Download and execute
SuperAntispyware - Free
http://www.superantispyware.com/superantispywarefreevspro.html

After the software is updated, it is suggested scanning the system in Safe
Mode.
How do you boot to Safe Mode?
By pressing/tabbing F8 (or F5 on some keyboards) during re-boot.
Alternatively:
click onto Start==>Run, type "msconfig" (without quotation marks), click
OK. Then click onto BOOT.INI tab and 'check' /SAFEBOOT then OK and click
Restart. To go back to Normal Mode, you must access the System
Configuration utility again and click the General tab then click/check
the radio button 'Normal Startup'- load all device drivers and services'.
A description of the Safe Mode Boot options in Windows XP
http://support.microsoft.com/default.aspx?scid=315222

3. Download and execute
David H. Lipman's MULTI_AV.EXE from the URL:
http://www.pctipp.ch/ds/28400/28470/Multi_AV.exe
http://www.pctipp.ch/downloads/dl/35905.asp
English:
http://www.raymond.cc/blog/archives/2008/01/09/scan-your-computer-with-multiple-anti-virus-for-free/
To use this utility, perform the following...
Execute; Multi_AV.exe {Note: You must use the default folder C:\AV-CLS}
Choose; Unzip
Choose; Close
Execute; C:\AV-CLS\StartMenu.BAT
{or Double-click on 'Start Menu' in C:\AV-CLS}
NOTE: You may have to disable your software FireWall or allow WGET.EXE to
go through your FireWall to allow it to download the needed AV vendor
related files.
C:\AV-CLS\StartMenu.BAT -- {or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in
Normal Mode.
This way all the components can be downloaded from each AV vendor's web
site.
The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and
Reboot the PC.
You can choose to go to each menu item and just download the needed files
or you can download the files and perform a scan in Normal Mode. Once you
have downloaded the files needed for each scanner you want to use, you
should reboot the PC into Safe Mode [F8 key during boot] and re-run the
menu again and choose which scanner you want to run in Safe Mode. It is
suggested to run the scanners in both Safe Mode and Normal Mode.
When the menu is displayed hitting 'H' or 'h' will bring up a more
comprehensive PDF help file.
Additional Instructions:
http://pcdid.com/Multi_AV.htm

Once you cleaned you OS consider this:
Remove your existing AV application and replace with:
Avira AntiVir® PersonalEdition Classic - Free
http://www.free-av.com/antivirus/allinonen.html
You may wish to consider removing the 'AntiVir Nagscreen'
http://www.elitekiller.com/files/disable_antivir_nag.htm

(scan regularly)

Windows Defender - Free (build-in in Vista)
http://www.microsoft.com/athome/security/spyware/software/default.mspx
WD monitors the start-registry and hooks registers/files to prevent spyware
and worms to install to the OS.
Interesting reading:
http://www.pcworld.com/article/id,136195/article.html
"...Windows Defender did excel in behavior-based protection, which detects
changes to key areas of the system without having to know anything about
the actual threat."

(scan regularly)

Keep on using SAS - (scan regularly)

Routinely practice Safe-Hex.
http://www.claymania.com/safe-hex.html
Hundreds Click on 'Click Here to Get Infected' Ad
http://www.eweek.com/article2/0,1895,2132447,00.asp

Good luck :)
 
The popup you are getting is more spyware.
Don't touch it.
-- Below is security I use.

Vista’s Firewall is very good!

http://www.avast.com/eng/download-avast-home.html

Above is a link to Avast Free 4 Home Anti-Virus
It is low resource using, free and Vista 32bit and 64bit compatible.
Only have one (1) anti-virus installed; more than 1 can cause conflicts.

http://www.safer-networking.org/en/index.html

For Spyware removal, use the above link to “Spybot Search & Destroy 1.5.2â€
Download it, install it, update it, immunize your system and scan your
System with it.

http://www.javacoolsoftware.com/

For a non-scanning, but running in the background, Program to STOP Spyware
being downloaded to your Computer, use SpywareBlaster 4, available at the
above link.


Mick Murphy - Qld - Australia
 
Kayman,

I've seen you recommend Avira AntiVir® PersonalEdition Classic - Free in
prior post and I looked into this Virus software. I also see it tied with
two others in a ProtectStar Test Lab test and wanted to see the other two it
ties with. However, looking through their website I can only find it
available in German.
http://www.protectstar-testlab.org/de.index.html

Do you know of a English version of the above link? perhaps I missed it at
their site, but I don't see anything.

--
All the best,
SG

Is your computer system ready for Vista?
https://winqual.microsoft.com/hcl/

Kayman said:
I had something come up on my screen warning me about 2 trojans and I
need
to install XP antivirus protection..is this part of windows? It is
trojan
MYtob.mailer and Zlob.z. Is this for real? It has the microsoft logo,
and
looks official, but I'm always a bit skeptical of these things..I was
afraid
to click on install, not knowing what it was. I thought it would have
already
been installed. I have Vista. Thanks,

Ignore the message "need to install XP antivirus protection"; It'll get
you
on more trouble!

1. Download and execute
CCleaner - Free
Cleans temporary internet files, cookies, history, recent urls,
application
MRUs, etc. ...
http://www.filehippo.com/download_ccleaner/

2. Download and execute
SuperAntispyware - Free
http://www.superantispyware.com/superantispywarefreevspro.html

After the software is updated, it is suggested scanning the system in Safe
Mode.
How do you boot to Safe Mode?
By pressing/tabbing F8 (or F5 on some keyboards) during re-boot.
Alternatively:
click onto Start==>Run, type "msconfig" (without quotation marks), click
OK. Then click onto BOOT.INI tab and 'check' /SAFEBOOT then OK and click
Restart. To go back to Normal Mode, you must access the System
Configuration utility again and click the General tab then click/check
the radio button 'Normal Startup'- load all device drivers and services'.
A description of the Safe Mode Boot options in Windows XP
http://support.microsoft.com/default.aspx?scid=315222

3. Download and execute
David H. Lipman's MULTI_AV.EXE from the URL:
http://www.pctipp.ch/ds/28400/28470/Multi_AV.exe
http://www.pctipp.ch/downloads/dl/35905.asp
English:
http://www.raymond.cc/blog/archives/2008/01/09/scan-your-computer-with-multiple-anti-virus-for-free/
To use this utility, perform the following...
Execute; Multi_AV.exe {Note: You must use the default folder C:\AV-CLS}
Choose; Unzip
Choose; Close
Execute; C:\AV-CLS\StartMenu.BAT
{or Double-click on 'Start Menu' in C:\AV-CLS}
NOTE: You may have to disable your software FireWall or allow WGET.EXE to
go through your FireWall to allow it to download the needed AV vendor
related files.
C:\AV-CLS\StartMenu.BAT -- {or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in
Normal Mode.
This way all the components can be downloaded from each AV vendor's web
site.
The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and
Reboot the PC.
You can choose to go to each menu item and just download the needed files
or you can download the files and perform a scan in Normal Mode. Once you
have downloaded the files needed for each scanner you want to use, you
should reboot the PC into Safe Mode [F8 key during boot] and re-run the
menu again and choose which scanner you want to run in Safe Mode. It is
suggested to run the scanners in both Safe Mode and Normal Mode.
When the menu is displayed hitting 'H' or 'h' will bring up a more
comprehensive PDF help file.
Additional Instructions:
http://pcdid.com/Multi_AV.htm

Once you cleaned you OS consider this:
Remove your existing AV application and replace with:
Avira AntiVir® PersonalEdition Classic - Free
http://www.free-av.com/antivirus/allinonen.html
You may wish to consider removing the 'AntiVir Nagscreen'
http://www.elitekiller.com/files/disable_antivir_nag.htm

(scan regularly)

Windows Defender - Free (build-in in Vista)
http://www.microsoft.com/athome/security/spyware/software/default.mspx
WD monitors the start-registry and hooks registers/files to prevent
spyware
and worms to install to the OS.
Interesting reading:
http://www.pcworld.com/article/id,136195/article.html
"...Windows Defender did excel in behavior-based protection, which detects
changes to key areas of the system without having to know anything about
the actual threat."

(scan regularly)

Keep on using SAS - (scan regularly)

Routinely practice Safe-Hex.
http://www.claymania.com/safe-hex.html
Hundreds Click on 'Click Here to Get Infected' Ad
http://www.eweek.com/article2/0,1895,2132447,00.asp

Good luck :)
 
Kayman,

I've seen you recommend Avira AntiVir® PersonalEdition Classic - Free in
prior post and I looked into this Virus software. I also see it tied with
two others in a ProtectStar Test Lab test and wanted to see the other two it
ties with. However, looking through their website I can only find it
available in German.
http://www.protectstar-testlab.org/de.index.html

Do you know of a English version of the above link? perhaps I missed it at
their site, but I don't see anything.

No, I don't. Have a look at:
http://www.av-comparatives.org/
Cheers :)
 
thanks for all of your answers. while waiting for them, I called microsoft
and they said it was spyware. I'm so pleased I recognized it...that's how
baisc my knowledge is. I ran a Norton fuill scan and isolated one spyware. I
also checked and found that my firewall was turned off (other people use this
computer)I did turn it back on. I checked some of the links you offered and
going into safe mode and doing things is really beyond me I think ...I
frequently don't understand instrucions. At this point do I need to do other
things? something really simple?
I really appreciate the answers.
 
thanks for all of your answers. while waiting for them, I called microsoft
and they said it was spyware. I'm so pleased I recognized it...that's how
baisc my knowledge is. I ran a Norton fuill scan and isolated one spyware. I
also checked and found that my firewall was turned off (other people use this
computer)I did turn it back on. I checked some of the links you offered and
going into safe mode and doing things is really beyond me I think ...I
frequently don't understand instrucions. At this point do I need to do other
things? something really simple?
I really appreciate the answers.

Nancy, you need to educate yourself! (Google is your friend) or get
somebody to teach you. The software/links/instructions provided *is*
quality stuff...it doesn't come any simpler.
BTW, the retail version of Norton AV is a POS, eventually you'll regret
keeping it.

Good luck :)
 
Kayman said:
Nancy, you need to educate yourself! (Google is your friend) or get
somebody to teach you. The software/links/instructions provided *is*
quality stuff...it doesn't come any simpler.
BTW, the retail version of Norton AV is a POS, eventually you'll regret
keeping it.

Good luck :)


Google is not your friend, unless you wish to surrender every aspect of
privacy you thought you had.

C.B.
 
Google is not your friend, unless you wish to surrender every aspect of
privacy you thought you had.
It all depends how one is using the search engine.
Anyway, *Internet Privacy*...an oxymoron really :-)
 
Kayman said:
I had something come up on my screen warning me about 2 trojans and Ineed
to install XP antivirus protection..is this part of windows? It is trojan
MYtob.mailer and Zlob.z. Is this for real? It has the microsoft logo,and
looks official, but I'm always a bit skeptical of these things..I was afraid
to click on install, not knowing what it was. I thought it would have already
been installed. I have Vista. Thanks,

Ignore the message "need to install XP antivirus protection"; It'll getyou
on more trouble!

1. Download and execute
CCleaner - Free
Cleans temporary internet files, cookies, history, recent urls, application
MRUs, etc. ...
http://www.filehippo.com/download_ccleaner/

2. Download and execute
SuperAntispyware - Free
http://www.superantispyware.com/superantispywarefreevspro.html

After the software is updated, it is suggested scanning the system in Safe
Mode.
How do you boot to Safe Mode?
By pressing/tabbing F8 (or F5 on some keyboards) during re-boot.
Alternatively:
click onto Start==>Run, type "msconfig" (without quotation marks), click
OK. Then click onto BOOT.INI tab and 'check' /SAFEBOOT then OK and click
Restart. To go back to Normal Mode, you must access the System
Configuration utility again and click the General tab then click/check
the radio button 'Normal Startup'- load all device drivers and services'.
A description of the Safe Mode Boot options in Windows XP
http://support.microsoft.com/default.aspx?scid=315222

3. Download and execute
David H. Lipman's MULTI_AV.EXE from the URL:
http://www.pctipp.ch/ds/28400/28470/Multi_AV.exe
http://www.pctipp.ch/downloads/dl/35905.asp
English:
http://www.raymond.cc/blog/archives/2008/01/09/scan-your-computer-with-multiple-anti-virus-for-free/
To use this utility, perform the following...
Execute; Multi_AV.exe {Note: You must use the default folder C:\AV-CLS}
Choose; Unzip
Choose; Close
Execute; C:\AV-CLS\StartMenu.BAT
{or Double-click on 'Start Menu' in C:\AV-CLS}
NOTE: You may have to disable your software FireWall or allow WGET.EXE to
go through your FireWall to allow it to download the needed AV vendor
related files.
C:\AV-CLS\StartMenu.BAT -- {or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in
Normal Mode.
This way all the components can be downloaded from each AV vendor's web
site.
The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and
Reboot the PC.
You can choose to go to each menu item and just download the needed files
or you can download the files and perform a scan in Normal Mode. Once you
have downloaded the files needed for each scanner you want to use, you
should reboot the PC into Safe Mode [F8 key during boot] and re-run the
menu again and choose which scanner you want to run in Safe Mode. It is
suggested to run the scanners in both Safe Mode and Normal Mode.
When the menu is displayed hitting 'H' or 'h' will bring up a more
comprehensive PDF help file.
Additional Instructions:
http://pcdid.com/Multi_AV.htm

Once you cleaned you OS consider this:
Remove your existing AV application and replace with:
Avira AntiVir® PersonalEdition Classic - Free
http://www.free-av.com/antivirus/allinonen.html
You may wish to consider removing the 'AntiVir Nagscreen'
http://www.elitekiller.com/files/disable_antivir_nag.htm

(scan regularly)

Windows Defender - Free (build-in in Vista)
http://www.microsoft.com/athome/security/spyware/software/default.mspx
WD monitors the start-registry and hooks registers/files to prevent spyware
and worms to install to the OS.
Interesting reading:
http://www.pcworld.com/article/id,136195/article.html
"...Windows Defender did excel in behavior-based protection, which detects
changes to key areas of the system without having to know anything about
the actual threat."

(scan regularly)

Keep on using SAS - (scan regularly)

Routinely practice Safe-Hex.
http://www.claymania.com/safe-hex.html
Hundreds Click on 'Click Here to Get Infected' Ad
http://www.eweek.com/article2/0,1895,2132447,00.asp

Good luck :)
Windows defender probably snagged a sneak install of
malware on your pc. Both MyTob.mailer and Zlob.z are malware
pests. You did right in denying install privilege. I use
AVAST antivirus without the skins or network shield
installed. Works fine. I am upgrading the config to include
network protection as well. I also have a paid subscription
to Ad-Aware 2007.
 
Back
Top