Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.



  • Please log in to reply
1 reply to this topic

#1 fme


  • Members
  • 1 posts
  • Local time:06:24 PM

Posted 05 December 2009 - 09:57 AM

It all started with somekind of fake anti virus software that I didn't recognize.
Then I googled it, found out what it was. Followed instructions to delete it. And it's still there and seems angry at me.
I can't remember the original name of the software, because the name seems to have changed.
It was something in the lines of "Antivirus System Pro 2009" It keeps Giving me a "Security Warning" telling me "Application cannot be executed. The files wuauclt.exe is infected. Do you want to activate your antivirus software now?" and that file name varies by the way.. it can be Winlogon.exe, etc..
What else? A red window pops up asking me to activate Antivirus System Pro or Stay Unprotected .
And I've got a system tray popup that says "Infultration Alert" with a bunch of details and IP ADDRESS, etc..

And since I'm typing this message it has opened multiple IE tabs, Porno.com, viagra.com, adult.com, and again, adult.com.

The system tray has a bunch of little yellow anti virus things that appears, when I put my mouse over them they dissappear.

I've tried to run ComboFix by renaming it. Not working.
I also tried Malwarebytes' Anti-malware, and also by renaming it. With no luck.
This thing is blocking every remedy so far...

How can I terminate this thing besides smashing my pc into 100 pieces?

Edited by fme, 05 December 2009 - 10:01 AM.

BC AdBot (Login to Remove)


#2 boopme


    To Insanity and Beyond

  • Global Moderator
  • 73,490 posts
  • Gender:Male
  • Location:NJ USA
  • Local time:07:24 PM

Posted 05 December 2009 - 03:50 PM

Hello let's try it this way..

First run RKill. (You may need to run it several times)Then quickly run MBAM.

Please download Rkill by Grinler and save it to your desktop.Link 2
Link 3
Link 4
  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
You will need to run the application again if rebooting the computer occurs along the way.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users