TechSpot

windows security centre has detected spyware

By dingar
Oct 27, 2006
  1. Hello to all am new to this forum but need some advice help!!

    I currently have a black screen on XP when i log on with the message that "windows security centre has detected spyware" have run AdAware and cleaned the system but cannot get rid of the black screen, I have also lost the ability to open task manger.

    Any help would be greatly appreciated.

    many thanks

    Dingar
     
  2. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Hello and welcome to Techspot.

    I have moved and retitled your thread in the correct forum.

    Go and read the Trojan Pakes and other nasties preliminary removal instructions. Follow all the instructions exactly.

    Post fresh HJT and AVG Antispyware logs as attachments into this thread, only after doing the above.


    Regards Howard :wave: :wave:


    This thread is for the use of dingar only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  3. dingar

    dingar TS Rookie Topic Starter

    Morning Howard

    Firstly many thanks for replying and apologies for posting in the wrong place.

    Attached are the two logs/reports that you asked me to attach.

    I am still having problems in so much that the Spyware warning has now dissapeared and Task manager has returned, however the desk top screen is now solid blue (instead of black) + Norton will not run in safe mode!

    many thanks

    Dingar
     
  4. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Oh dear, you have the Bravesentry infection. It`s a real nasty, based on a rootkit and it`s very difficult to get rid of. I`ll be honest and say, if it were on my system, I`d reformat and reinstall from scratch. However, it`s up to you.

    Start by following These instructions.

    Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

    Click on the processes tab and end process for(if there).

    bravesentry.exe
    vxgamet[X2].exe
    vxh8jkdq[X2].exe
    win32.exe
    xpupdate.exe
    alg.exe
    kerneles8.exe
    maxd64.exe
    services.exe
    taskdir.exe
    voi[X1].exe
    vxgame[X2].exe
    dxvwabxj.exe


    Close task manager.

    Click start/run type regedit into the run box and press the enter key. Maximise the window and navigate and delet the following registry keys in the righthand pane.

    HKEY_CURRENT_USER\software\bravesentry
    HKEY_CURRENT_USER\software\bravesentry\scan
    HKEY_CURRENT_USER\software\bravesentry\systemsecurity
    HKEY_CURRENT_USER\software\bravesentry\updates
    HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runbravesentry
    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\bravesentry
    BraveSentry

    Close regedit.

    Click start/run and type regsvr32 /u bravesentry0.dll and press the enter key. Do this for all the following files.

    bravesentry1.dll
    bravesentry2.dll
    bravesentry3.dll
    comdlg64.dll
    msupdate32.dll
    tio[X1].dll
    winbixnkq32.dll
    zlbw.dll

    Don`t woryy if not all the above are found.

    Next, locate and delete the following files(if there).

    bravesentry.exe
    vxgamet[X2].exe
    vxh8jkdq[X2].exe
    win32.exe
    xpupdate.exe
    bravesentry0.dll
    bravesentry1.dll
    bravesentry2.dll
    bravesentry3.dll
    comdlg64.dll
    msupdate32.dll
    tio[X1].dll
    winbixnkq32.dll
    zlbw.dll
    alg.exe
    kerneles8.exe
    maxd64.exe
    services.exe
    taskdir.exe
    voi[X1].exe
    vxgame[X2].exe
    desktop.html
    Explorer 2238
    dxvwabxj.exe
    BraveSentry
    BraveSentry.lnk

    Post fresh HJT and AVG Antispyware logs, only after doing the above.

    Regards Howard :)

    This thread is for the use of dingar only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  5. dingar

    dingar TS Rookie Topic Starter

    Morning Howard

    Again, many thanks for the help and advice.

    I took your advice and reformatted and reinstalled.

    All now appears to be working well.

    Many thanks


    Dinger
     
  6. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    That`s great news.

    Thanks for taking the time to get back to us.

    If you have any further virus/spyware problems, please post in this thread.

    Regards Howard :)

    This thread is for the use of dingar only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...