Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


New executable for antivirus soft malware

  • Please log in to reply
No replies to this topic

#1 Brian Surratt

Brian Surratt

  • Members
  • 1 posts
  • Local time:04:51 PM

Posted 06 March 2010 - 07:02 PM

Last night my wife contracted the Antivirus Soft malware on her computer. I tried all of the usual tools, MalwareBytes, Clamwin, Spybot, but none of them seemed to remove it. Looking at all of the instructions on how to remove it, I couldn't find any of the registry entries that were indicated as being symptoms.

Finally, I ran HijackThis and started going through the log manually and found the little stinker. Here's the line item from the log.

C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\itbotr\cmqfsftav.exe

Had HijackThis take that entry out of the registry, rebooted and all is well.

So, it looks like this is a brand new name for the executable. I'm not a regular in the malware community, so I don't know the "official" channels for sharing this info. Just spreading the word, to help support the folks that make these great tools and the community.

Edited by Orange Blossom, 06 March 2010 - 07:03 PM.
Move to AII. ~ OB

BC AdBot (Login to Remove)


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users