

My friend is sending me an S.O.S. about this virus. Anyone have any ideas on how to get rid of it? Windows XP Pro is his O.S.

asked Jun 12 '10 at 14:11


overclockedto420
(suspended)

edited Jun 12 '10 at 14:32


Acilius
(suspended)

changed the tag "Wondows" to "Windows"

(Jun 12 '10 at 14:32) Acilius

Get a Mac, then you won't have to deal with this problem.

answered Jun 12 '10 at 14:12


AppleHack23
(suspended)

Lol, see, getting viruses comes from stupidity and ignorance. Not knowing what to and what not to download. Spending over $1,000 would fix this problem. How? You're being stupid on a system that can handle any capacity of dumb actions.

(Jun 12 '10 at 14:17) Acilius

Which is why the only virus I have ever had on my Mac is the one I created, which hasn't even been executed yet. Chances are, his friend isn't going to know anything about UNIX commands, and therefore, would not know what to type. He most likely wouldn't know about Terminal for a while either.

(Jun 12 '10 at 14:20) AppleHack23

Yep, it's malware! Here's how to remove it! **http://www.myantispyware.com/2010/06/02/how-to-remove-cntprot-exe-malware/** or click "here"

While cntprot.exe is running, it will block the Windows Task Manager and most legitimate Windows applications, flood your computer with nag screens, fake security alerts and notifications from your Windows taskbar. Follow that guide!!!

Step 1. Repair “running of .exe files”.

Click Start, Run. Type command and press Enter. The command console (“black window”) opens. Type notepad as shown below.

Press Enter. Notepad opens. Copy all the text below into Notepad.

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"

You will see a window similar to the one below.

Save this as fix.reg to your Desktop (remember to select Save as file type: All files in Notepad). Double-click fix.reg and click YES to confirm. Reboot your computer.

If you can't create fix.reg, then download fix.zip from here and unzip it. Double-click fix.reg and click YES to confirm. Reboot your computer.

Step 2. Remove TDSS trojan-rootkit.

You need to remove the TDSS trojan first; after that, you will be able to remove cntprot.exe malware without any problem.

Download TDSSKiller from here and unzip to your desktop.

Open the TDSSKiller folder. Right-click tdsskiller and select Rename. Type a new name (123myapp, for example). Press Enter. Double-click the TDSSKiller icon to start scanning the Windows registry for the TDSS trojan. If it is found, then you will see a screen similar to the one below.

When TDSSKiller prompts you to press “Y”, type Y and press Enter. Your computer will be rebooted.

Step 3. Remove cntprot.exe malware and any associated malware.

Download MalwareBytes Anti-malware (MBAM). Once downloaded, close all programs and windows on your computer.

Double-click on the icon on your desktop named mbam-setup.exe. This will start the installation of MalwareBytes Anti-malware onto your computer. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure a checkmark is placed next to “Update Malwarebytes’ Anti-Malware” and Launch “Malwarebytes’ Anti-Malware”. Then click Finish.

MalwareBytes Anti-malware will now automatically start and you will see a message stating that you should update the program before performing a scan. If an update is found, it will download and install the latest version.

As MalwareBytes Anti-malware will automatically update itself after the install, you can press the OK button to close that box and you will now be at the main menu. You will see a window similar to the one below.

Make sure the “Perform quick scan” option is selected and then click on the Scan button to start scanning your computer for cntprot.exe malware. This procedure can take some time, so please be patient.

When the scan is finished, a message box will appear stating that it has completed scanning successfully. Click OK. Now click “Show Results”. You will see a list of infected items similar to that shown below. Note: the list of infected items may be different than what is shown in the image below.

Make sure all entries have a checkmark at their far left and click the “Remove Selected” button to remove cntprot.exe malware. MalwareBytes Anti-malware will now remove all of the associated cntprot.exe malware files and registry keys and add them to the program's quarantine. When MalwareBytes Anti-malware has finished removing the infection, a log will open in Notepad and you may be prompted to Restart.

Note 1: if you can not download, install, run or update Malwarebytes Anti-malware, then follow the steps: Malwarebytes won't install, run or update – How to fix it.

Note 2: if you need help with the instructions, then post your questions in our Spyware Removal forum.

Note 3: your current antispyware and antivirus software let the infection through? Then you may want to consider purchasing the FULL version of MalwareBytes Anti-malware to protect your computer in the future.

cntprot.exe malware creates the following files and folders:

C:\Program Files\Protection Center
%UserProfile%\Start Menu\Programs\Protection Center
C:\Program Files\Protection Center\cnthook.dll
C:\Program Files\Protection Center\cntprot.exe
C:\Program Files\Protection Center\about.ico
C:\Program Files\Protection Center\activate.ico
C:\Program Files\Protection Center\buy.ico
C:\Program Files\Protection Center\help.ico
C:\Program Files\Protection Center\scan.ico
C:\Program Files\Protection Center\settings.ico
C:\Program Files\Protection Center\splash.mp3
C:\Program Files\Protection Center\uninstall.exe
C:\Program Files\Protection Center\update.ico
C:\Program Files\Protection Center\cnt.db
C:\Program Files\Protection Center\cntext.dll
C:\Program Files\Protection Center\virus.mp3
%UserProfile%\Start Menu\Programs\Protection Center\About.lnk
%UserProfile%\Start Menu\Programs\Protection Center\Activate.lnk
%UserProfile%\Start Menu\Programs\Protection Center\Buy.lnk
%UserProfile%\Start Menu\Programs\Protection Center\Scan.lnk
%UserProfile%\Start Menu\Programs\Protection Center\Settings.lnk
%UserProfile%\Start Menu\Programs\Protection Center\Update.lnk
%UserProfile%\Start Menu\Programs\Protection Center\Protection Center Support.lnk
%UserProfile%\Start Menu\Programs\Protection Center\Protection Center.lnk
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Protection Center.lnk
%UserProfile%\Desktop\Protection Center Support.lnk
%UserProfile%\Desktop\Protection Center.lnk

cntprot.exe malware creates the following registry keys and values:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Protection Center
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr

answered Jun 12 '10 at 14:13


Acilius
(suspended)

edited Jun 12 '10 at 14:30
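
Added example (not part of the original answer or the linked guide): a small Python parser for a .reg export taken from the affected machine that flags the registry indicators listed in the answer and compares the exefile open command with the value fix.reg restores. The sample export and its placeholder path are constructed; real "Version 5.00" exports are UTF-16, so read them with encoding="utf-16".

```python
import re

# Keys and values named in the answer above; matching is case-insensitive.
EXE_KEY = r"HKEY_CLASSES_ROOT\exefile\shell\open\command"
EXE_GOOD = '"%1" %*'  # the default value that fix.reg restores
RUN_KEY = r"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
POLICY = r"\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System"

# Constructed sample export; the non-default command path is a placeholder.
SAMPLE = r'''Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"C:\\constructed\\placeholder.exe\" \"%1\" %*"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Protection Center"="C:\\Program Files\\Protection Center\\cntprot.exe"
'''

def decode(raw):
    """Raw .reg data -> str for a quoted string, int for a dword."""
    if len(raw) >= 2 and raw[0] == raw[-1] == '"':
        return re.sub(r"\\(.)", r"\1", raw[1:-1])  # undo \" and \\ escapes
    return int(raw[6:], 16) if raw.lower().startswith("dword:") else raw

def parse_reg(text):
    """Parse .reg text into {key: {value_name: raw_data}}, names lowercased."""
    keys, current = {}, None
    for line in re.sub(r"\\\r?\n\s*", "", text).splitlines():  # join hex continuations
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif current is not None:
            m = re.match(r'(@|"(?:[^"\\]|\\.)*")=(.*)$', line)
            if m:
                name = "" if m.group(1) == "@" else decode(m.group(1))
                current[name.lower()] = m.group(2)
    return keys

def audit(text):
    """Return findings for the registry indicators listed in the answer."""
    keys, out = parse_reg(text), []
    cmd = keys.get(EXE_KEY.lower(), {}).get("")  # "" is the key's default value (@)
    if cmd is not None and decode(cmd) != EXE_GOOD:
        out.append(".exe open command is not the default: " + decode(cmd))
    for key, vals in keys.items():
        if key.endswith(POLICY.lower()) and decode(vals.get("disabletaskmgr", "dword:0")) == 1:
            out.append("DisableTaskMgr=1 under " + key)
    if "protection center" in keys.get(RUN_KEY.lower(), {}):
        out.append("Run value 'Protection Center' present")
    return out
```

Calling audit(SAMPLE) returns three findings; an export containing only the fix.reg content returns an empty list.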

If it's an exe and you can still use Windows functions, then if he performs a search he should just be able to delete it and end his problem.

answered Jun 12 '10 at 14:15


jakek090

Well, thank you for a not-so-stupid answer.
He says he can even run his OS; it's just freezing and nothing seems to detect its presence.

(Jun 12 '10 at 14:25) overclockedto420

can he log in???????

(Jun 12 '10 at 15:34) bigbang

Asked: Jun 12 '10 at 14:11

Seen: 672 times

Last updated: Jun 12 '10 at 15:34