Out of the blue


Yes, (brother's PC).

You'll need to get rid of it via Clean Install on another HDD then "MBAM" the offender before it can be used again. Lots of cleanup afterward even after being MBAM'ed.

The culprit was undoubtedly that file. Other files are just floating all over under weird names and run again from the Registry ("runonce", part of the "cleanup").

BTW, you need LSPFIX because that's what's preventing the updates (I believe).

Since you already reloaded....

The "Dr. Guard" program was the key. This is from the new strain of fake antivirus/antimalware programs. Some are smart, some are stupid. Most work extremely well (what they were designed to do that is) on XP, but not so much on Vista or 7. #1 thing, these programs use registry settings to block your programs. The first variation would only use the Image Execution Options lists. Renaming the installer and EXE bypassed this. The second wave would terminate programs that tried to open/modify/delete the files it used/needed. This even included Notepad or in some cases even explorer.exe. In these cases, if renaming does not work, only WinPE or NTFSDOS are your saviours. Then after you remove "part" of the problem, can you run Gmer or MBAM (still renamed to be safe) to remove some more.

Yet you described something on 7, which so far I have not encountered a problem removing. Rest assured, these programs are a lot easier to remove from Vista or 7 than XP. Also, never forget about using cacls (or xcacls) to change the ACLs on files you need, or files you don't want running. Denying SYSTEM access to files is often a great way to disable these programs.
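
An added example, not part of the posts above: a small audit that lists which programs have been redirected through the registry, reading a text export of the hive such as one made from a clean boot environment. It assumes the block is implemented as a `Debugger` value under the `Image File Execution Options` key; the sample export and the name `placeholder.exe` are constructed.

```python
import re

# Constructed sample in `reg export` text form; not taken from a real infection.
SAMPLE = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mbam.exe]
"Debugger"="placeholder.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\notepad.exe]
"Debugger"="\"C:\\Tools\\placeholder.exe\" -z"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\calc.exe]
"GlobalFlag"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Debugger"="not-ifeo.exe"
'''

IFEO = "\\image file execution options\\"
KEY_RE = re.compile(r"^\[(.+)\]$")
VAL_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"=(.*)$')

def find_ifeo_debuggers(reg_text):
    """Return [(image_name, debugger_data)] for each IFEO subkey with a Debugger value."""
    hits, image = [], None
    # hex(...) data wraps with a trailing backslash; rejoin before parsing lines
    text = re.sub(r"\\\r?\n\s*", "", reg_text)
    for line in map(str.strip, text.splitlines()):
        key = KEY_RE.match(line)
        if key:
            path = key.group(1)
            pos = path.lower().find(IFEO)
            # "[-KEY]" deletes a key; anything outside IFEO is out of scope
            image = None if path.startswith("-") or pos < 0 else \
                path[pos + len(IFEO):].split("\\")[0]
            continue
        val = VAL_RE.match(line)
        # skip other values, and '"name"=-' lines, which delete a value
        if not (image and val and val.group(1).lower() == "debugger") or val.group(2) == "-":
            continue
        data = val.group(2)
        if data.startswith('"'):   # REG_SZ: undo \\ and \" escaping
            data = re.sub(r"\\(.)", r"\1", data[1:-1])
        hits.append((image, data))  # other types (hex(2):...) are kept raw
    return hits

if __name__ == "__main__":
    for image, debugger in find_ifeo_debuggers(SAMPLE):
        print(f"{image}: launches via {debugger!r}")
```

Files written by `reg export` are UTF-16, so decode them before passing the text in. Any entry reported for a security tool or a basic utility such as Notepad is worth inspecting before deleting the value.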
