Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

antivirus pro 2010 scam


  • Please log in to reply
4 replies to this topic

#1 teddish

teddish

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:36 PM

Posted 08 October 2009 - 01:49 PM

Hi there!

I'm using Windows XP with SP3.
I got this Virus while surfing the Internet with Firefox 3.5.2 but I had Thunderbird minimized all the time(and checked my mails now and then) so I can't confirm if I could have infected my PC with Thunderbird or Firefox.
So the Popups of a fake Security Center came up and a program called "antivirus pro 2010" installed itself(although I didn' click any of the popups!?). I think I must have clicked something by accident cause else I would not have been infected? (accidently or not I'm Infected now :flowers: )

Posted Image

I followed those instructions here and installed Malwarebyte's Anti-Malware and it deleted all threats it had found.
But before I could do that my Internetprovider blocked my InternetConnection and all pages I tried to visit came up with a genuine Message that said that they blocked my inernetconnection because of detected Malware.The message must have been genuine because it was in german(I'm german,my provider is german and the virus is english) and because it got displayed on all PCs that tried to use our Internetconnection.

Now (after the anti-malware scan) the Windows taskbar isn't clickable anymore and Daemon Tools wich usually started up on Startup gives the error Message :"This Program needs at least Windows 2000 with an installed SPTD-Driver Version 1.51. The Kernel-Debugger must be deactivated" (I actually translated that).

And I've got a task in my taskbar wich I find suspicious "FastNetSrv.exe". Google says that its a keylogger which detects banking details :trumpet:

I tried to run DDS but it says that the Script Host is deactivated...

I'm guessing I have to format/reinstall but maybe somebody can help me out here :thumbsup:

Thanks in advance and let me know if you need to know something

BC AdBot (Login to Remove)

 


#2 teddish

teddish
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:36 PM

Posted 09 October 2009 - 11:49 AM

So I'd like to reformat and reinstall windows. is it okay to move ALL the files on my C: drive to a portable Harddrive?
Because I have a lot of stuff on my C: drive and I can't be ars*d to look through all the dirs to know what I must backup.
Is there a way, that the Virus will keep coming back after the reformat as long as I don't start any executables from my "old C: drive" data that is stored on the portable drive?

Thanks in advance.

#3 cday

cday

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:06 PM

Posted 09 October 2009 - 11:54 AM

please try combofix. Let it update from internet. Try this in safe-mode with networking mode.
LEARN TO SHARE AND SHARE TO LEARN

#4 teddish

teddish
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:36 PM

Posted 09 October 2009 - 12:39 PM

please try combofix. Let it update from internet. Try this in safe-mode with networking mode.


ComboFix is a tool that should only be run under the supervision of someone who has been trained in its use. Using it on your own can cause problems with your computer. Any posts containing CF Logs will be ignored.

:thumbsup:

+ you didn't answer my question :flowers:

#5 teddish

teddish
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:36 PM

Posted 13 October 2009 - 08:37 AM

So I'd like to reformat and reinstall windows. is it okay to move ALL the files on my C: drive to a portable Harddrive?
Because I have a lot of stuff on my C: drive and I can't be ars*d to look through all the dirs to know what I must backup.
Is there a way, that the Virus will keep coming back after the reformat as long as I don't start any executables from my "old C: drive" data that is stored on the portable drive?

Thanks in advance.


sorry to bump the thread once again but I would like to know if this is a safe procedure.

So I basically want to copy the whole (once infected) C: drive to a portable hdd.
Then I want to format c: and reinstall windows.
Then I could backup some single things (documents,media,...) to the reformatted drive.
Is there a way that the virus will still be there?
Can the virus get transferred (although I scanned with malwarebytes and deleted all infected files) to my portable drive when I copy all the files over there?

Thanks in advance.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users