IT Queries: Computer problems answered

Hi, My pc has the following:

Norton Internet Security 2008
Spyware Doctor 6.0.0.386
ThreatFire 4.0.0.8
SpywareBlaster 4.1
MalwareBytes’ Anti-Malware

My question is: is KIS 2009 compatible with ThreatFire 4.0.0.8 as I want to continue with ThreatFire as it is a very good program?

I intend to keep Spyware Doctor.

It sounds like you are very much on the ball when it comes to protecting your system against malware and certainly your choices of sofware make sense.

However I’m concerned your system’s going to struggle with both Kaspersky and Threatfire on your system. Generally it’s not a good idea to be running two scanners at the same time.

While I’m not familiar with Threatfire, it’s likely it will cause problems with Kasperski or any other anti virus simply because Threatfire will identify the anti virus program as acting suspiciously.

It’s good practice not to have more than one malware scanner running at once and I think it would be best to leave one or the other’s automatic protection off and manually run a scan every few days or weeks.

Malwarebytes and Spyware Blaster are good programs as well and it won’t hurt to reguarly run a manual scan using those programs as well.

If you are really concerned about malware then it may be better to be a Limited User for your day-to-day computing. This will stop most nasties getting on to your machine.

Stan is getting a message that he is infected with a virus and should run Winspyware protect to fix it. This is a scam and is really just a virus itself but it can be difficult to remove. The best tool for removing it is a free download called Malware Bytes. The linked website has a paid version and a free download.

We’d recommend running this tool followed by cleaning up your computer.

After downloading the Adobe Media Player via the new ABC IView website, my anti-virus software – ZoneLabs Security Suite (ZoneAlarm Anti Virus) – found the following Spyware on my computer and has identified it as a serious threat to my PC’s security:

Win32.Trojan.SpyAgent.dbk
File: C:\\WINDOWS\\SYSTEM32\\msflxgrd.ocx
RegistryKey: HKEY_CURRENT_USER\Software\Adobe

I’m pretty confident that’s a false positive from Zone Alarm, msflxgrd.ocx is a legitimate Windows file.

A quick search picks up some other people reporting this in the Zone Alarm forums in the last couple of days so I’d say it’s an Zone Alarm update gone wrong. My best advice would be to choose the option to permanently ignore this problem, ZA will probably issue an update fixing this problem in the next few days.

I have run an antispyware and it has picked up: Trojan-Clicker hkey-current-user\\software\

\microsoft\\windows\\current version\\internet settings\\zonemap\\domains\\analcord.com
\\gooozle.bz/www
\\preferit-windows
Avast doesn’t pick these up.  What do you think

You almost certainly do have some sort of spyware infection and the spyware has changed settings in the Internet Explorer trusted sites zones. This allows the sites listed to get better access to your system.

This is one reason we suggest running Firefox, Opera or Safari in preference to Internet Explorer.

You’ll need to give your computer a good scan for spyware, encourage your office or household not to use IE and educate users on what websites they should avoid.

I am a windows XP SP2 user. Everytime on start up i get the following error message “windows cannot find KHATARNAK.EXE. Make sure you typed the name correctly and then try again. To search for a file, click the start button and then click search”.

Below this i get another dialogue box with the message “windows cannot find ‘c:\WINDOWS\inf\other.exe”. Make sure you typed the name correctly and then try again”

If i click ok or close this dialogue box i get one more dialogue box which says “could not run “c:\WINDOWS\inf\other.exe” specified in the registry” and on closing this another one which says “windows cannot find “c:\windows\system32\config\win.exe’ .make sure u type the name correctly and then try again”

On closing this my normal desktop screen appears. What is wrong ?? What is the solution ??

 What’s happening is Windows wants to open some programs when it starts.  It can’t find them so you are getting these errors.

The good news is these programs are spyware and viruses. What it seems has happened is you’ve been infected but the infection has been cleaned from the computer.  Whatever cleaned your infection, it didn’t remove some of the pointers to the problem.

To fix this, open the System Configuration tool and take the ticks off the startup options pointing to KHATARNAK.EXE and the other items that are coming up as “not found”.

It’s also a very good idea to scan your computer for other infections and change any important passwords such as banking details.

I am running Trend Micro Internet Security and get an unresolved problem TROJ_Generic.ADV Infected File in a file called keygen.exe. How can I resolve this?

Some files can’t be cleaned because they are in use when the scanner picks it up. You’ll need to start your computer in Safe Mode and run a scan while most services are dormant. We have instructions on starting your computer in Safe Mode in a previous answer.

Some anti-malware programs can’t run in Safe Mode, we’re not sure if this is the case with Trend Micro. If it is, then you should download and run the free X-Clean scanner and run that in Safe Mode.

The free X-Clean scanner will give you an indication if you have an infection. If you do, then it will be worthwhile running other malware tools such as Spybot Search and Destroy, Ad-aware and PC Tools’ Spyware Doctor.

It is also possible the warning is a false alarm. In our office we have a number of security tools that regularly get flagged as potential viruses or spyware. But it’s better to be safe than sorry.

everytime I open my internet explorer there is an error appear on the lower right corner of my monitor saying”System Messaged click here for details”. then when I click the message it automatically go to one site. what is the problem? is this a virus? thanks.

Unfortunately you probably are infected with something, follow our Removing a Trojan advice. If you have clicked for details and paid any money to these people then you should contact your credit card company. We’d also strongly recommend changing banking and other important passwords after your computer has been cleaned.

when i visit a website address, within 2 seconds of being in the homepage I am directed to another webpage full of advertising.

I cannot seem to visit the web address i actually want to view.

Why is this and what is causing this to happen? How can I prevent this happening in the future?

You have been infected with spyware. The specific type that’s causing this problem is known as a page hijacker.

Unfortunately a page hijacker indicates you are almost certainly infected with other spyware.

We have instructions on removing spyware but keep in mind your infection is probably quite severe and may require expert assistance and possibly even reformatting your computer.

We would urge to change any PINs and passwords you have used on this computer as they may have been compromised. Do not do this on the infected computer.

I have been blessed with an unsolicited message from url runonce.msn.com/runonce2.aspx relating to internet explorer 7. This site has not downloaded correctly and i am unable to get rid of the damm thing. I am running windows xp professional and the error message is as follows
Line 8
Char 5
Error not implemented
Code 0
Url runonce.msn.com/runonce 2 aspx

You can change the startup page by opening Internet Explorer, clicking Tools, Internet Options and changing the home page settings under the General tab.

However it sounds like you have a spyware infection. We’ve previously posted instructions on removing a Trojan.

Some of these spyware infections can be very difficult to remove, if you find it stubborn, you may want to contact our technicians.

Since my Grandchildren visited and downloaded music, I have been plagued by Pop-ups. What is the latest free program I can use to stop this nuisance.

Unfortunately you have a malware infection. Your computer has picked up a program that feeds adverts into your computer. The people who put this rubbish on computers deliberately prey on kids looking for free music.

We have instructions on removing this stuff in a previous post. Keep in mind it can be difficult to remove these infections so you may have to call a computer tech in to assist you.

We’d suggest setting up limited user profiles for your kids. We have instructions on doing this on our PC Rescue website.