Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Fake Anti Virus software

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Fake Anti Virus software

Unread postby brickdiamond » June 24th, 2011, 7:19 pm

Dear Member:

Pasted below are: (1) an explanation; (2) DDS Log File in notepad; and (3) DDS Attach.
in that order.

Problems are: a malicious fake spyware program got in my computer while surfing porn. It is called "XP
Antivirus 2012" It is requesting "registration." The mal ware does not allow: (1) connection to internet
(2) any anti spy or anti malware program previously installed to open; (3) any word processing software
to open.


DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_20
Run by owner at 15:58:02 on 2011-06-24
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.767.155 [GMT -7:00]
.
AV: AVG Anti-Virus Free *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Program Files\Nuance\PDF Professional 5\pdfpro5hook.exe
C:\WINDOWS\system32\DeltaIITray.exe
C:\Program Files\PDF-XChangeSDKEU\PDFSaver.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe
C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
C:\Documents and Settings\owner\Local Settings\Application Data\xmi.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Update\1.3.21.57\GoogleCrashHandler.exe
svchost.exe
C:\Program Files\Emsisoft Anti-Malware\a2service.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nuance\PDF Professional 5\PDFProFiltSrv.exe
C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WordPerfect Office X3\Programs\wpwin13.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
.
============== Pseudo HJT Report ===============
.
mURLSearchHooks: H - No File
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
uRun: [FreeRAM XP] "c:\program files\yourware solutions\freeram xp pro\FreeRAM XP Pro.exe" -win
uRun: [PDFSaver] c:\program files\pdf-xchangesdkeu\PDFSaver.exe
uRun: [HijackThis startup scan] c:\program files\trend micro\hijackthis\HijackThis.exe /startupscan
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [4016093937] c:\documents and settings\owner\local settings\application data\xmi.exe
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [SecurDisc] c:\program files\nero\nero 7\incd\NBHGui.exe
mRun: [InCD] c:\program files\nero\nero 7\incd\InCD.exe
mRun: [PDFHook] c:\program files\nuance\pdf professional 5\pdfpro5hook.exe
mRun: [PDF5 Registry Controller] c:\program files\nuance\pdf professional 5\RegistryController.exe
mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [Nuance PDF Professional 5-reminder] "c:\program files\nuance\pdf professional 5\ereg\ereg.exe" -r "c:\documents and settings\all users\application data\nuance\pdf professional 5\ereg\Ereg.ini"
mRun: [PMBVolumeWatcher] c:\program files\sony\pmb\PMBVolumeWatcher.exe
mRun: [M-Audio Taskbar Icon] c:\windows\system32\DeltaIITray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hotsyn~1.lnk - c:\program files\palm\Hotsync.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: Open with Nuance PDF Converter 5.0 - c:\program files\nuance\pdf professional 5\cnvres_eng.dll /100
IE: Open with WordPerfect - c:\program files\wordperfect office x3\programs\WPLauncher.hta
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/fl ... rashim.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/fl ... wflash.cab
TCP: DhcpNameServer = 10.0.0.1
TCP: Interfaces\{4A49BFCC-0360-4AC6-BC4E-BCB3E0F768D0} : DhcpNameServer = 10.0.0.1
mASetup: {28ABC5C0-4FCB-11CF-AAX5-21CX1C642131} - c:\restore\s-1-5-21-1482476501-1644491937-682003330-1013\dark.exe
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\owner\application data\mozilla\firefox\profiles\he2uqt7d.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo! Search
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4af06c6d ... g=en-US&q=
FF - component: c:\documents and settings\owner\application data\mozilla\firefox\profiles\he2uqt7d.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\documents and settings\owner\application data\mozilla\firefox\profiles\he2uqt7d.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll
FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll
FF - component: c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.1636.7222\npCIDetect13.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - c:\program files\avg\avg9\Firefox
FF - Ext: AVG Security Toolbar em:version=7.005.030.004 em:displayname=AVG Security Toolbar em:iconURL=chrome://tavgp/skin/logo.ico em:creator=AVG Technologies em:description=AVG Security Toolbar em:homepageURL=http://www.avg.com >: avg@igeared - c:\program files\avg\avg9\toolbar\firefox\avg@igeared
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - c:\documents and settings\all users\application data\google\toolbar for firefox\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: Google Photos Screensaver: {57E72829-C158-4341-BBED-58F0AD1740FD} - c:\program files\google\google photos screensaver\FF_ext
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============
.
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-4-22 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-4-22 29584]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-4-22 243152]
R2 a2AntiMalware;Emsisoft Anti-Malware 5.0 - Service;c:\program files\emsisoft anti-malware\a2service.exe [2010-9-9 1935656]
R2 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-9-10 611664]
R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-7-15 308136]
R2 PDFProFiltSrv;PDFProFiltSrv;c:\program files\nuance\pdf professional 5\PDFProFiltSrv.exe [2008-2-2 144672]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\sony\pmb\PMBDeviceInfoProvider.exe [2009-10-24 360224]
R3 a2acc;a2acc;c:\program files\emsisoft anti-malware\a2accx86.sys [2010-9-9 71008]
R3 DELTAII;Service for M-Audio Delta Driver (WDM);c:\windows\system32\drivers\MAudioDelta.sys [2011-5-24 302472]
S2 gupdate1ca21ce79496274;Google Update Service (gupdate1ca21ce79496274);c:\program files\google\update\GoogleUpdate.exe [2009-8-20 133104]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2009-8-20 30192]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-8-20 133104]
S4 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg9\toolbar\ToolbarBroker.exe [2010-10-26 947528]
.
=============== Created Last 30 ================
.
2011-06-23 21:45:35 348160 ----a-w- c:\documents and settings\owner\local settings\application data\xmi.exe
.
==================== Find3M ====================
.
2011-06-17 13:42:44 3350 --sha-w- c:\windows\system32\KGyGaAvL.sys
2011-05-05 16:38:25 243152 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2011-04-13 22:40:10 4284416 ----a-w- c:\windows\system32\GPhotos.scr
.
============= FINISH: 15:58:40.03 ===============





.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-23.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 4/22/2009 12:41:32 PM
System Uptime: 6/24/2011 7:25:32 AM (8 hours ago)
.
Motherboard: http://www.abit.com.tw/ | | IS7-V2 (Intel i848P-ICH5)
Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz | Socket 478 | 3072/204mhz
Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz | Socket 478 | 3072/204mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 298 GiB total, 263.554 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP684: 3/27/2011 10:23:06 AM - System Checkpoint
RP685: 3/28/2011 7:17:35 PM - System Checkpoint
RP686: 3/29/2011 8:10:34 PM - System Checkpoint
RP687: 3/30/2011 8:46:38 PM - System Checkpoint
RP688: 3/31/2011 9:34:35 PM - System Checkpoint
RP689: 4/1/2011 10:10:40 PM - System Checkpoint
RP690: 4/2/2011 10:46:40 PM - System Checkpoint
RP691: 4/3/2011 11:22:21 PM - System Checkpoint
RP692: 4/5/2011 5:54:28 PM - System Checkpoint
RP693: 4/6/2011 6:43:54 PM - System Checkpoint
RP694: 4/7/2011 7:24:57 PM - System Checkpoint
RP695: 4/8/2011 8:36:59 PM - System Checkpoint
RP696: 4/9/2011 9:36:57 PM - System Checkpoint
RP697: 4/12/2011 12:49:33 PM - System Checkpoint
RP698: 4/13/2011 1:43:50 PM - System Checkpoint
RP699: 4/14/2011 4:09:18 PM - System Checkpoint
RP700: 4/15/2011 4:18:56 PM - System Checkpoint
RP701: 4/16/2011 5:30:56 PM - System Checkpoint
RP702: 4/17/2011 6:55:26 PM - System Checkpoint
RP703: 4/18/2011 7:54:58 PM - System Checkpoint
RP704: 4/19/2011 8:18:56 PM - System Checkpoint
RP705: 4/20/2011 9:05:26 PM - System Checkpoint
RP706: 4/21/2011 9:39:02 PM - System Checkpoint
RP707: 4/22/2011 10:04:08 PM - System Checkpoint
RP708: 4/23/2011 10:40:07 PM - System Checkpoint
RP709: 4/24/2011 11:52:07 PM - System Checkpoint
RP710: 4/26/2011 12:53:03 AM - System Checkpoint
RP711: 4/27/2011 2:29:06 AM - System Checkpoint
RP712: 5/2/2011 10:02:10 AM - System Checkpoint
RP713: 5/3/2011 10:24:05 AM - System Checkpoint
RP714: 5/4/2011 11:43:54 AM - System Checkpoint
RP715: 5/5/2011 9:38:32 AM - Avg Update
RP716: 5/6/2011 11:19:58 AM - System Checkpoint
RP717: 5/7/2011 11:37:55 AM - System Checkpoint
RP718: 5/8/2011 11:49:55 AM - System Checkpoint
RP719: 5/9/2011 8:29:13 AM - Avg Update
RP720: 5/10/2011 10:26:57 AM - System Checkpoint
RP721: 5/11/2011 8:29:53 AM - Avg Update
RP722: 5/12/2011 10:39:00 AM - System Checkpoint
RP723: 5/13/2011 10:50:16 AM - System Checkpoint
RP724: 5/14/2011 11:38:16 AM - System Checkpoint
RP725: 5/15/2011 12:26:18 PM - System Checkpoint
RP726: 5/16/2011 12:27:22 PM - System Checkpoint
RP727: 5/17/2011 1:02:19 PM - System Checkpoint
RP728: 5/18/2011 2:14:22 PM - System Checkpoint
RP729: 5/19/2011 2:44:32 PM - System Checkpoint
RP730: 5/20/2011 2:56:26 PM - System Checkpoint
RP731: 5/21/2011 3:08:22 PM - System Checkpoint
RP732: 5/22/2011 4:08:22 PM - System Checkpoint
RP733: 5/23/2011 5:08:23 PM - System Checkpoint
RP734: 5/24/2011 11:13:14 AM - Installed M-Audio Delta Driver 6.0.2 (x86)
RP735: 5/25/2011 11:24:02 AM - System Checkpoint
RP736: 5/26/2011 12:16:31 PM - System Checkpoint
RP737: 5/27/2011 12:48:18 PM - System Checkpoint
RP738: 5/28/2011 1:50:48 PM - System Checkpoint
RP739: 5/29/2011 2:14:18 PM - System Checkpoint
RP740: 5/30/2011 5:33:58 PM - System Checkpoint
RP741: 5/31/2011 6:26:24 PM - System Checkpoint
RP742: 6/3/2011 8:37:12 PM - System Checkpoint
RP743: 6/4/2011 9:43:24 PM - System Checkpoint
RP744: 6/5/2011 10:31:24 PM - System Checkpoint
RP745: 6/7/2011 11:23:08 AM - System Checkpoint
RP746: 6/8/2011 12:08:13 PM - System Checkpoint
RP747: 6/9/2011 1:00:55 PM - System Checkpoint
RP748: 6/10/2011 1:47:53 PM - System Checkpoint
RP749: 6/11/2011 3:56:21 PM - System Checkpoint
RP750: 6/12/2011 4:07:23 PM - System Checkpoint
RP751: 6/13/2011 5:22:04 PM - System Checkpoint
RP752: 6/14/2011 5:42:51 PM - System Checkpoint
RP753: 6/15/2011 6:18:52 PM - System Checkpoint
RP754: 6/17/2011 6:36:55 AM - Removed Google Earth.
RP755: 6/18/2011 8:03:07 AM - System Checkpoint
RP756: 6/19/2011 8:04:46 AM - System Checkpoint
RP757: 6/20/2011 9:26:37 AM - System Checkpoint
RP758: 6/21/2011 9:50:37 AM - System Checkpoint
RP759: 6/22/2011 9:57:04 AM - System Checkpoint
RP760: 6/23/2011 10:02:03 AM - System Checkpoint
RP761: 6/24/2011 12:32:53 PM - System Checkpoint
.
==== Installed Programs ======================
.
Ad-Aware
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Audacity 1.2.6
AusLogics Disk Defrag
AVG Free 9.0
Bankruptcy2009
Brother MFL-Pro Suite
BSA Pro Legal Billing Software
CCleaner
Chronogogue - The Time Optimizer 1.0.6
Cool Timer 3.6
EIPC Free Calendar
Emsisoft Anti-Malware 5.0
Google Apps
Google Chrome
Google Desktop
Google Earth
Google Photos Screensaver
Google Toolbar for Firefox
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
InstallMgr
Java Auto Updater
Java(TM) 6 Update 20
Java(TM) 6 Update 7
LG USB Modem driver
LimeWire 5.1.4
M-Audio Delta Driver 6.0.2 (x86)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Default Manager
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
Microsoft Search Enhancement Pack
Microsoft SQL Server Compact 3.5 SP1 English
Microsoft Visual C++ 2005 Redistributable
Mozilla Firefox (3.5.19)
MSN Toolbar
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
Nero 7 Essentials
neroxml
Nuance PDF Professional 5
OpenOffice.org 3.0
Palm
Palm Conduit Support for COM
PDF-XChange 2.5 Driver Install
Picasa 3
PMB
PowerDVD
QuickTime
Realtek AC'97 Audio
Reminder Xpert 1.0
Scansoft PDF Professional
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971032)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981349)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows XP (KB898461)
Update for Windows XP (KB904942)
Update for Windows XP (KB925720)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
WebFldrs XP
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Media Format Runtime
WordPerfect Office X3
.
==== Event Viewer Messages From Past Week ========
.
6/23/2011 3:04:25 PM, error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: This operation returned because the timeout period expired.
.
==== End Of File ===========================


Thank you for any help you may give,

brickdiamond
brickdiamond
Active Member
 
Posts: 5
Joined: June 24th, 2011, 1:48 pm
Advertisement
Register to Remove

Re: Fake Anti Virus software

Unread postby brickdiamond » June 25th, 2011, 2:10 pm

Dear Member:
UPDATE:
After much resistance from the Trojan, I was able to open AVG9 and do a scan.
AVG identified the thing as "FAKEAV.PZA." It is in the "Virus Vault" now.
After a re-boot, the offending pop-ups requesting "registration" have stopped.
However, some collateral damage done by the thing still persists.

sincerely yours,

brickdiamond
brickdiamond
Active Member
 
Posts: 5
Joined: June 24th, 2011, 1:48 pm

Re: Fake Anti Virus software

Unread postby deltalima » June 25th, 2011, 2:24 pm

You have replied to your own topic, and as a result we must close this topic.

May I draw your attention to THIS topic, which you should have read before posting for help.

THIS is the section that tells you why you should not reply to your own topic.

This topic will now be closed

If you still require help, please open a new thread in the Malware Removal forum, post the logs asked for in the first topic I linked to and wait for assistance.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 27 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware